Open Source Ruby Security Software
Sort By:
Ruby Security Software
View 5878 business solutionsBrowse free open source Ruby Security Software and projects below. Use the toggles on the left to filter open source Ruby Security Software by OS, license, language, programming language, and project status.
-
Unified Platform for HR, Finance, and ITPaylocity brings HR, Finance, and IT together to empower teams, simplify processes, and deliver real results. But we're more than a platform — we're the partner helping you shape the future of work.
-
Dynamic Work and Complex Project Management Platform | QuickbaseOur no-code platform lets you easily create, connect, and customize enterprise applications that fix visibility and workflow gaps without replacing a single system.
-
1
WPScan
WPScan WordPress security scanner
WPScan is a black-box WordPress vulnerability scanner written in Ruby. It analyzes WordPress sites to identify outdated core, plugins, themes, exposed APIs, and known vulnerabilities using a large built-in vulnerability database. It is a popular security auditing tool for pentesters and site administrators. -
2
Password Pusher
An application to securely communicate passwords over the web
Give your users the tools to be secure by default. Password Pusher is an open source application to communicate passwords over the web. Links to passwords expire after a certain number of views and/or time has passed. Only enter a password into the box. Other identifying information can compromise security. All passwords are encrypted prior to storage and are available to only those with the secret link. Once expired, encrypted passwords are unequivocally deleted from the database. -
3
Robolinux
Announcing Robolinux Cinnamon 14.1
Announcing The New Robolinux Series 14 Mate LTS - 2034 Robolinux is very pleased to announce a completely new 14.1 Mate privacy centered 1inux operating system you can download freely while also offering our users an optional 14+ advanced upgrade which comes with our Untracker and FAAST Boot along with one click popular privacy software installers like Tor and I2p, Wireshark and Bleachbit plus many more for a fair and reasonable price. Robolinux14.1-Mate is ideal for beginners and advanced users. We are proud that it comes with Enoch AI which is TOTALLY 100% PRIVATE, FREE, HONEST & UNCENSORED built into Robolinux Cinnamon 14.1 The Robolinux 14.1 version with rock solid Long Term Support through 2034! requires users to set secure boot in their BIOS. It is currently available in the Cinnamon desktop flavor. we will release series 14 Xfce version in the next two months.For more information please see Readme file. Warmest regards John Martinson Robolinux.org -
4
<<Hack|Track GNU/Linux
Distro Penetrasing Live System Burn to USB Flash Disk & Run.
<<Hack|Track GNU/Linux is an open source operating system developed by the HTGL Project from Indonesia which provides penetration testing. -
Airlock Digital - Application Control (Allowlisting) Made SimpleFor organizations seeking the most effective way to prevent malware and ransomware in their environments. It has been designed to provide scalable, efficient endpoint security for organizations with even the most diverse architectures and rigorous compliance requirements. Built by practitioners for the world’s largest and most secure organizations, Airlock Digital delivers precision Application Control & Allowlisting for the modern enterprise.
-
5
Brakeman
A static analysis security vulnerability scanner for Ruby on Rails app
Brakeman is a free vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development. Brakeman now uses the parallel gem to read and parse files in parallel. By default, parallel will split the reading/parsing into a number of separate processes based on number of CPUs. In testing, this has dramatically improved speed for large code bases, around 35% reduction in overall scan time. Brakeman will now track and return very simple literal values (e.g. strings, hashes of literals, arrays of literals) from very simple class methods (e.g. single line). Since ActiveRecord enums essentially generate some class (and instance) methods that return fixed literal values, the above class method return values is also used to support enum. -
6
Doorkeeper
Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape
Doorkeeper is a gem (Rails engine) that makes it easy to introduce OAuth 2 provider functionality to your Ruby on Rails or Grape application. Doorkeeper is an oAuth2 provider built in Ruby. It integrates with Ruby on Rails and Grape frameworks. The installation process depends on the framework you're using. Doorkeeper follows Rails maintenance policy and supports only supported versions of the framework. Currently, we support Ruby on Rails 5 and higher. Extensions that are not included by default and can be installed separately. These applications show how Doorkeeper works and how to integrate with it. Start with the oAuth2 server and use the clients to connect with the server. See list of tutorials in order to learn how to use the gem or integrate it with other solutions/gems. -
7
ANDRAX Hacker's Platform
Advanced Ethical Hacking and Penetration Testing Platform
The most complete and Advanced Penetration Testing and Ethical Hacking Platform dedicated to Advanced Professionals. Developed to bring the power of Offensive Security in the anyone's pocket 100% OPEN SOURCE - ANDRAX is a independent solution for Security professionals who loves Linux -
8
Devise
Flexible authentication solution for Rails with Warden
Devise is a flexible authentication solution for Rails that is based on Warden, a general Rack authentication framework. It is a complete MVC solution based on Rails engines that lets you have several models signed in at the same time. It consists of 10 modules: 1. Authenticatable Module, responsible for password hashing and validating user authenticity when signing in 2. Omniauthable adds OmniAuth support 3. Confirmable is responsible for verifying if an account is already confirmed during sign in 4. Recoverable oversees the resetting of the user password and sends reset instructions 5. Registerable handles all aspects related to registering a new resource 6. Rememberable takes care of generating and clearing token for remembering the user from a saved cookie 7. Trackable tracks info about user sign in 8. Timeoutable expires inactive sessions 9. Validatable provides email and password validations, and lastly 10. Lockable, which locks an account after some failed sign-ins -
9
OmniAuth
OmniAuth is a flexible authentication system utilizing Rack middleware
OmniAuth is a library that standardizes multi-provider authentication for web applications. It was created to be powerful, flexible, and do as little as possible. Any developer can create strategies for OmniAuth that can authenticate users via disparate systems. OmniAuth strategies have been created for everything from Facebook to LDAP. In order to use OmniAuth in your applications, you will need to leverage one or more strategies. These strategies are generally released individually as RubyGems, and you can see a community-maintained list on the wiki for this project. One strategy, called Developer, is included with OmniAuth and provides a completely insecure, non-production-usable strategy that directly prompts a user for authentication information and then passes it straight through. You can use it as a placeholder when you start development and easily swap in other strategies later. -
Assembled is the only unified platform for staffing and managing your human and AI support team.Assembled is the only platform that unifies AI agents and intelligent workforce management to power fast and flexible support operations. Built for scale, we help teams automate over 50% of customer interactions, forecast with 90%+ accuracy, and optimize staffing across in-house and BPO teams. Orchestrate every chat, email, or call, balancing workloads between human and AI agents in real time — without sacrificing quality or control. Trusted by Stripe, Canva, and Robinhood, Assembled transforms support from a cost center into a strategic advantage. Our Workforce and Vendor Management tools connect forecasting, scheduling, and performance for smarter staffing decisions. AI Agents automate conversations across channels with your workflows and brand voice. AI Copilot empowers agents with real-time guidance, suggested replies, and one-click actions for faster, higher-quality resolutions.
-
10
WhatWeb
Next generation web scanner
WhatWeb is a Ruby-based web scanner for fingerprinting websites. It identifies CMS, server technologies, JavaScript frameworks, and other characteristics by analyzing HTML, headers, JavaScript, cookies, and responses. Commonly used in reconnaissance and security assessments. -
11
CanCanCan
The authorization Gem for Ruby on Rails
CanCanCan is an authorization library for Ruby and Ruby on Rails which restricts what resources a given user is allowed to access. All permissions can be defined in one or multiple ability files and not duplicated across controllers, views, and database queries, keeping your permissions logic in one place for easy maintenance and testing. Authorizations library that allows you to define the rules to access different objects, and provides helpers to check for those permissions. Rails helpers to simplify the code in Rails Controllers by performing the loading and checking of permissions of models automatically and reduce duplicated code. The current user's permissions can then be checked using the can? and cannot? methods in views and controllers. One of the key features of CanCanCan, compared to other authorization libraries, is the possibility to retrieve all the objects that the user is authorized to access. -
12
Rack::Attack
Rack middleware for blocking & throttling
Protect your Rails and Rack apps from bad clients. Rack::Attack lets you easily decide when to allow, block and throttle based on properties of the request. Rack middleware for blocking & throttling abusive requests. Tackling each curious anomaly that threatens your site’s reliability saps developer productivity and happiness. Rack::Attack lets you throttle abusive requests with just a few lines of code. For the security of our users, we have a stricter throttle for login attempts. This makes it very time consuming for attackers to guess users’ passwords. We also use the IPCat ruby library to detect requests from well-known datacenters. Rack::Attack can also track requests without blocking them. We rely on Rack::Attack to let developers quickly track and throttle requests. It helps keep our site reliable, so we can spend more energy building better features. We’re glad to make it publicly available to the open-source community. -
13
Username Anarchy
Username generator for penetration testing and user enumeration
Username Anarchy is an open source command line tool designed to generate possible usernames for use in penetration testing and security assessments. It focuses on solving one of the common challenges in authentication attacks: identifying valid usernames before attempting password attacks. It generates large sets of potential usernames based on a person’s name and common naming conventions used in corporate or online systems. These generated username lists can then be used for activities such as username enumeration, password spraying, or brute force testing during security audits. Username Anarchy supports numerous formatting styles, allowing security testers to replicate patterns commonly used in enterprise environments such as first.last, flast, or firstinitiallastname. Username Anarchy can also utilize name sources gathered from OSINT techniques such as social networks or other public data to produce realistic username lists. -
14
WiKID Two-Factor Authentication System
Two-factor authentication system
The WiKID Strong Authentication System is a public-key based two-factor authentication system. It is a flexible, extensible, and secure alternative to tokens, certs and passwords. Application & API support exists for Java, ASP, PHP, Ruby, OpenVPN, TACACS+, etc. Read our eGuide on how to setup your network with two-factor authentication: http://www.wikidsystems.com/learn-more/two-factor-authentication-white-papers -
15
Zynix-Fusion
zynix-Fusion is a framework for hacking
zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else. -
16
myAuxiliary.rb
msf post-exploitation auxiliary module
This auxiliary module needs [metasploit] framework installed.. This module its a metasploit post-exploitation (after the targets get's exploited) auxiliary script, so we need to exploit a target first in order to use it. Affected platforms: Windows OS (all versions above windows vista) Read my WIKI for further info: https://sourceforge.net/p/myauxiliarymete/wiki/Home/ -
17
BashCore
A custom Debian live ISO with security tools, no GUI, only Bash.
BashCore is a Debian-based live ISO for security, networking, and learning. CLI-only, Bash-driven, lightweight, GPU-ready, with optional PREEMPT_RT kernel. Fresh environment on every boot, ideal for safe experimentation. Also available: BashCoreX (XFCE GUI) BashCoreT (Trixie CLI, Linux 6.12) BashCoreTX (Trixie XFCE) BashCoreZ (ultra-minimal CLI) BashLabOS (XFCE, daily use & privacy tools) BashCoreGee (GNOME, installable via Calamares) Info: https://www.bashcore.org -
18
RogueScanner is a network security tool for automatically discovering rogue wireless access points by scanning a wired network. In addition to finding access points, it will classify all discovered network devices
-
19
Your friendly neighborhood hackers for hire. We are a group of individuals providing our clients the best support and troubleshooting advice and some of what we believe to be the best open source software and OS. Enjoy!
-
20
Compensato is full suite of diagnostic and troubleshooting tools (focused on troubleshooting Windows environments at the moment) that runs from an Ubuntu based Linux live environment. Once booted a browser winow will launch and the program will automatically look for a Windows installation to work with. You should be able to have this Windows installation visible to the system either internally or externally.
-
21
FHAP is a web front-end to the nmap port scanner. It makes use of Perl and a PostgreSQL database to identify system/port trends on a network.
-
22
MRTG Is An Open Source Program for generating rainbow tables.
-
23
-
24
Arachni
Web Application Security Scanner Framework
Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. -
25
This is a apache v2.0 authentication module. Based on html form authentication and cookie authentication session. Cookie session are stored in memcache deamon. Can be used has an simple "Single Signe-On" (SSO). All the code source and the bug tracking has migrated to github: https://github.com/ZenProjects/Apache-Authmemcookie-Module All the documentation are here: https://zenprojects.github.io/Apache-Authmemcookie-Module/
