A static analysis security vulnerability scanner for Ruby on Rails applications
OTHER License
Published by presidentbeef over 10 years ago
Sexp#method_missing
-q flag for "Rails 3 detected" message

--compare (fsword)
--rake option (Deepak Kumar)
to_json XSS (Neil Matatall)
redirect_to false negative
raw calls
content_tag
or expressions as immediate values

params[:x] ||= is handled
or expressions as immediate values

request.parameters as a parameters hash
before_filter :except logic
--compare

render :template => ...

find_by_* method for SQL injection