Description
Bearer CLI provides built-in rules covering a common set of security risks and vulnerabilities, known as the OWASP Top 10, as well as privacy risks. Here are some practical examples of what those rules look for:
- Non-filtered user input (SQL injection, path traversal, etc.)
- Leakage of sensitive data through cookies, internal loggers, third-party logging services, and into analytics environments.
- Usage of weak encryption libraries or misuse of encryption algorithms.
- Unencrypted incoming and outgoing communication (HTTP, FTP, SMTP) of sensitive data.
- Hard-coded secrets and tokens.
And many more.
Bearer CLI supports Ruby, JavaScript and TypeScript, making it the default choice for an all-in-one scanner for every Rails application.
Bearer alternatives and similar gems
Based on the "Security" category.
- Hashids: A small Ruby gem to generate YouTube-like hashes from one or many numbers. Use hashids when you do not want to expose your database ids to the user.
- Ronin: Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc., via 3rd party git repositories.
- Rack::UTF8Sanitizer: Rack::UTF8Sanitizer is a Rack middleware which cleans up invalid UTF8 characters in request URI and headers.
- ActiveHashcash: Protect Rails applications against bots and brute force attacks without annoying humans.
- ronin-vulns: Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
- TSS - Threshold Secret Sharing: A Ruby implementation of Threshold Secret Sharing (Shamir) as defined in IETF Internet-Draft draft-mcgrew-tss-03.txt
- Rack::ContentSecurityPolicy: DISCONTINUED. Rack middleware for declaratively setting the HTTP ContentSecurityPolicy (W3C CSP Level 2/3) security header to help protect against XSS and other browser based attacks.
- sessionKeys: A tool for the deterministic generation of unique user IDs, and NaCl cryptographic keys from a single username and high entropy passphrase.