I just released Codesake::Dawn version 1.2. Dawn is a source code scanner for security issues designed to analyze ruby written web applications.
It supports Rails, Sinatra and Padrino and it has 180 security checks in its codebase.
Now I'm working to integrate ruby_parser gem and to add in depth ruby code parsing and understanding so to spot also custom vulnerabilities introduced in the web application.
Now it can spot just vulns introduced by the libraries version you're using in your Gemfile.
It supports Rails, Sinatra and Padrino and it has 180 security checks in its codebase. Now I'm working to integrate ruby_parser gem and to add in depth ruby code parsing and understanding so to spot also custom vulnerabilities introduced in the web application.
Now it can spot just vulns introduced by the libraries version you're using in your Gemfile.
It would be great having your feedback, here or in our Google group: https://groups.google.com/d/forum/codesake-dawn
Thank you Paolo