The Ruby Toolbox: Security Tools

xss_terminate is a plugin in that makes stripping and sanitizing HTML stupid-simple. Install and forget. And forget about forgetting to h() your output, because you won‘t need to anymore.

Last commit: 5 months ago

On the web

GitHub: look/xss_terminate

Home: code.google.com/p/xssterminate/

Documentation

RDoc: rdoc.info/projects/look/xss_terminate

In the news

auto escaping html in Rails to protect from XSS 7 months ago

xss_terminate now Rails 2.2 ready; code now on GitHub about 1 year ago

89

Watchers: 74
Forks: 3

5. find_mass_assignment

Find likely mass assignment vulnerabilities

Last commit: about 1 month ago

On the web

GitHub: mhartl/find_mass_assignment

Documentation

RDoc: rdoc.info/projects/mhartl/find_mass_assignment

As a Ruby Gem

GitHub: mhartl-find_mass_assignment (Current version: 1.0)

gem install mhartl-find_mass_assignment --source "http://gems.github.com"

In the news

Double Shot #352 about 1 year ago

45

Watchers: 35
Forks: 2

6. param_protected

Filter unwanted params from your controllers/actions in your Rails app. Provides param_protected and param_accessible analogous to ActiveRecord's attr_protected and attr_accessible.

Last commit: 21 days ago

On the web

GitHub: cjbottaro/param_protected

Home: blog.stochasticbytes.com/2008/01/paramprotected.html

Documentation

RDoc: rdoc.info/projects/cjbottaro/param_protected

As a Ruby Gem

Rubyforge: param_protected (Current version: 1.2.0)

gem install param_protected

GitHub: cjbottaro-param_protected (Current version: 1.1.0)

gem install cjbottaro-param_protected --source "http://gems.github.com"

In the news

Well, it seems there are no news about cjbottaro/param_protected yet...

5

Watchers: 9
Forks: 0
35% Penalty

7. audit_mass_assignment

Checks Ruby on Rails models for use of the attr_accessible white list.

Last commit: about 1 year ago

On the web

GitHub: ryanlowe/audit_mass_assignment

Home: www.disruptiveagility.com/plugin/audit_mass_assignment

Documentation

RDoc: rdoc.info/projects/ryanlowe/audit_mass_assignment

As a Ruby Gem

GitHub: ryanlowe-audit_mass_assignment (Current version: 0.1.5)

gem install ryanlowe-audit_mass_assignment --source "http://gems.github.com"

In the news

Well, it seems there are no news about ryanlowe/audit_mass_assignment yet...

5

Watchers: 8
Forks: 0
35% Penalty

8. xss-shield

Unofficial updated version of the original XSS-Shield plugin at http://code.google.com/p/xss-shield/

Last commit: about 1 year ago

On the web

GitHub: jamestyj/xss-shield

In the news

Well, it seems there are no news about jamestyj/xss-shield yet...

3

Watchers: 5
Forks: 0
35% Penalty

9. cross_site_sniper

Ruby on Rails Plugin that automatically wraps html_escape() around ActiveRecord attribute methods associated with string and text fields in the database.

Last commit: about 1 year ago

On the web

GitHub: wwidea/cross_site_sniper

Documentation

RDoc: rdoc.info/projects/wwidea/cross_site_sniper

In the news

Well, it seems there are no news about wwidea/cross_site_sniper yet...

ActiveRecord Default Values (2)	ActiveRecord Encryption (6)	ActiveRecord Index Assist (2)
ActiveRecord Named Scopes (7)	ActiveRecord Nesting (5)	ActiveRecord Soft Delete (3)
ActiveRecord Sortables (2)	ActiveRecord Value Cleanup (6)	ActiveRecord Versioning (7)
API Clients (42)	Backups (4)	Browser testing (8)
Calendars (5)	Code Metrics (9)	Content Management (14)
Continuous Integration (7)	Continuous Testing (2)	CouchDB Clients (7)
CSS Frameworks (8)	CSS with Ruby (4)	Daemon Management (2)
Daemonizing (7)	Dependency Management (9)	Deployment Automation (7)
Documentation Tools (6)	E-Commerce (5)	E-Mail (6)
Exception Notification (7)	Game libraries (5)	Gem Creation (7)
Gem Doc Viewers (4)	Geocoding & Maps (10)	Graphing (7)
HTML parsing (5)	HTTP clients (9)	I18n (10)
Image Processing (4)	irb Tools (8)	IRC Bots (5)
JavaScript Frameworks (8)	JavaScript Testing (6)	JavaScript Tools (6)
LDAP (5)	Markup processors (5)	Microformats (4)
Mocking (5)	Mocking Web Requests (3)	Music & MIDI (7)
Packaging Systems (4)	Packaging to Executables (3)	PDF Generation (7)
Project Management (4)	Prototype Replacements (3)	Queueing (15)
Rails Admin Interfaces (6)	Rails App Templates (4)	Rails Asset Management (6)
Rails Authentication (5)	Rails Authorization (10)	Rails Captcha (6)
Rails Comments (5)	Rails Controller Abstractions (5)	Rails DB Bootstrapping (4)
Rails File Uploads (6)	Rails Fixture Replacement (7)	Rails Form Builders (4)
Rails In-Place Editing (6)	Rails Instrumentation (6)	Rails Menu Builders (14)
Rails Pagination (4)	Rails Permalinks & Slugs (8)	Rails Ratings (5)
Rails Search (13)	Rails Subdomains (6)	Rails Tagging (4)
Rails Wizards (4)	Random Data Generation (4)	Recurring Events (8)
RSS Feed Parsing (6)	Scheduling (4)	Scripting Frameworks (4)
Security Tools (9)	Server Monitoring (2)	SOAP Clients (3)
Social Network Builders (7)	Spam Detection (6)	State Machines (6)
Static Website Generation (9)	Syntax Highlighting (5)	Systems Integration (7)
Template Languages (10)	Testing frameworks (21)	Text Editors in Ruby (3)
Time Warping (3)	Visualizing Data (2)	Web app frameworks (9)
Web servers (5)	Wiki Apps (13)	XML Mapping (4)

	rails_xss 100%

	tarantula 99%

	loofah 78%

	xss_terminate 50%

	find_mass_assignment 28%

	param_protected 14%

	audit_mass_assignment 1%

	xss-shield 1%

	cross_site_sniper 0%

Security Tools

Sponsored by

Popularity ranks

Something missing?

Feeds

Latest News

In the News - Blog posts about featured projects

Recently Added Projects

Recently Added Categories

312

Penalties & Bonuses :

1. rails_xss

On the web

Documentation

In the news

311

2. tarantula

On the web

As a Ruby Gem

In the news

245

3. loofah

On the web

Documentation

As a Ruby Gem

In the news

159

Penalties & Bonuses :

4. xss_terminate

On the web

Documentation

In the news

89

5. find_mass_assignment

On the web

Documentation

As a Ruby Gem

In the news

45

6. param_protected

On the web

Documentation

As a Ruby Gem

In the news

5

Penalties & Bonuses :

7. audit_mass_assignment

On the web

Documentation

As a Ruby Gem

In the news

5

Penalties & Bonuses :

8. xss-shield

On the web

In the news

3

Penalties & Bonuses :

9. cross_site_sniper

On the web

Documentation

In the news

News

Stats

Copyright

Contact