[GPC] OWASP Project - Brakeman - Static-ish Analysis for Ruby on Rails Applications

Neil Matatall neil at owasp.org
Fri Jul 2 19:38:44 EDT 2010


I just wanted to get a feeler, I can provide the rest if there is
interest.  It is still in development.  This tool is being developed
for AT&T Interactive with the plan of open sourcing it.

A – PROJECT

   1. Project Name - Brakeman
   2. Project Purpose - Scan Rails applications and look for potential
vulnerabilities
   3. Project License - LGPL?
   4. Project Leader - Justin Collins
   5. Project Maintainer - TBD
   6. Project Contributor(s) - Justin Collins

Can detect:
-Bad string interpolation in calls to Model.find, Model.last,
Model.first, and instances of Model, as well as chained calls ending
in 'find' (SQL Injection)
-String interpolation in find_by_sql (SQL Injection)
-String interpolation or params in calls to system, exec, and syscall
and `` (Command Injection)
-Unrestricted mass assignments
-Global restriction of mass assignment
-Missing call to protect_from_forgery in ApplicationController (CSRF protection)
-Default routes, per-controller and globally
-Redirects based on params (probably too broad currently)

General capabilities:
-Search for method calls based on target class and/or method name
-Determine 'output' of templates using ERB, Erubis, or HAML

--

Neil


More information about the Global-projects-committee mailing list