BRAKEMAN: Rails Security Scanner

Introduction

Brakeman is a security scanner and it detects security vulnerabilities in Rails applications with the help of static analysis. It directly scans through the source code of our application which eliminates the need to set-up our whole application stack in order for using this expedient security tool. After scanning, it produces a report of all the security issues it has identified.

Advantages

Run It Anytime Because all that Brakeman needs is the source code and it (Brakeman) can be run at any stage of development: We can generate a new application with rails and immediately scan it using Brakeman. Better Coverage It provides more coverage to our application. It checks the pages which might not be ‘live’ yet and even finds security vulnerabilities before they become exploitable. Speed It is much faster than “black box” website scanners which is evident from the fact that it takes very few minutes to scan very large applications.

Limitations

False Positives Being somewhat suspicious, it runs the risk of leading to many “false positives.” Unusual Configurations It assumes a “typical” Rails setup. If some parts of the app do not fall under normal Rails application layout, there are high chances that, that part could be missed while scanning. Isn’t Omniscient Brakeman cannot understand everything which is happening in the code. Sometimes, it just makes reasonable assumptions. It may miss things. It may misinterpret things. But it does try its best. For Issues, check: https://github.com/presidentbeef/brakeman/issues

Installing Brakeman

Gem install
gem install brakeman
Brakeman gems are now signed, which means the contents of the gem can be verified using the public Brakeman certificate. Include the below certificates as “trusted” to verify the gem; # Brakeman
gem cert --add <(curl -Ls https://raw.github.com/presidentbeef/brakeman/master/brakeman-public_cert.pem)
# ruby_parser, etc.
gem cert --add <(curl -Ls http://www.zenspider.com/~ryan/gem-public_cert.pem)
# multijson
gem cert --add <(curl -Ls https://raw.githubusercontent.com/intridea/multi_json/master/certs/rwz.pem)
To verify:
gem install brakeman -P MediumSecurity
bundler Brakeman can be added to a Gemfile:
gem "brakeman", :require => false
git clone
git clone git://github.com/presidentbeef/brakeman.git
cd brakeman
gem build brakeman.gemspec
gem install brakeman-*.gem

Running Brakeman

Just run it with no options in the root directory of our Ruby application:
cd your_rails_app/
brakeman
It scans the application and gives the output as a report to the command line. Alternatively, we can supply a path as an option to Brakeman:
brakeman your_rails_app
Even more specifically:
brakeman -p your_rails_app

References

BrakemanScanner: https://brakemanscanner.org/docs/ Github: https://github.com/presidentbeef/brakeman RubyGems: https://rubygems.org/gems/brakeman/versions/3.3.2 RailsCasts: http://railscasts.com/episodes/358-brakeman

Subscribe For Latest Updates

Related Posts

About Post Author

Leave a Comment

Your email address will not be published. Required fields are marked *