This is a non-IMPACT record, meaning that access to the data is not controlled by IMPACT. For access, see the directions below.

Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.

Summary

DS-1303
dawnscanner
External Tool
External Data Source
GitHub
Unknown
Unknown
56 (lowest rank is 56)

Category & Restrictions

Other
application layer security, cyber defense
Unrestricted
Unknown

Description


Dawnscanner is a static analysis security scanner for web applications written in Ruby. It supports the Sinatra, Padrino and Ruby on Rails frameworks.

Dawnscanner is a raising security scanner for Ruby web applications. Dawnscanner is a source code scanner designed to review your Ruby code for security issues. Dawnscanner is able to scan plain Ruby scripts (e.g. command line applications), but all its features are unleashed when dealing with web application source code. Dawnscanner is able to scan major MVC (Model View Controller) frameworks out of the box (Ruby on Rails, Sinatra, Padrino).

When Dawnscanner is run on your code, it parses your project for the gems used and tries to detect the Ruby interpreter version you are using or have declared in your preferred Ruby version management tool (RVM, rbenv, ...).
Then the tool tries to detect the MVC framework your web application uses and applies the security checks accordingly. There are checks designed to match Rails applications and checks that are applicable to any Ruby code.
Dawnscanner can also understand the code in your views and backtrack sinks to spot cross-site scripting and SQL injections introduced by the code you actually wrote. The result of a Dawnscanner security scan is a list of vulnerabilities with some mitigation actions that you will want to follow in order to build a stronger web application.

Additional Details

1.6MB
false
Unknown