  • Brakeman v1.9.5, a static code scanning tool for Ruby on Rails

    Published: 2013-04-23 11:02:01
    Tags: Ruby on Rails, static code, Brakeman
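    • Brakeman is an open-source security scanner for Ruby on Rails applications. It statically analyzes Rails application code and helps security researchers find security issues during the development process.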

      Unlike most other web security scanners, Brakeman examines your application's source code (white box) and can produce a decent report at the end.

      Features


      Simple configuration
      Brakeman requires zero setup or configuration once it is installed. Just run it.

      White-box scanning
      Because all Brakeman needs is source code, Brakeman can be run at any stage of development: you can generate a new application with rails new and immediately check it with Brakeman.

      No reliance on spidering, comprehensive coverage
      Since Brakeman does not rely on spidering sites to determine all their pages, it can provide more complete coverage of an application. This includes pages which may not be ‘live’ yet. In theory, Brakeman can find security vulnerabilities before they become exploitable.

      Checks application configuration
      Brakeman is specifically built for Ruby on Rails applications, so it can easily check configuration settings for best practices.

      Flexible testing
      Each check performed by Brakeman is independent, so testing can be limited to a subset of all the checks Brakeman comes with.

      Faster than black-box testing
      While Brakeman may not be exceptionally speedy, it is much faster than “black box” website scanners. Even large applications should not take more than a few minutes to scan.


       
    Download title (select a version and click the title to download) | File | Size
    Attachment | it165.net_0423brakeman.zip | 642KB