Ruby Rails Testing

Hopefully some useful tips for auditing and bug hunting in Ruby on Rails apps.

  • Brakeman is a good start for automated source code analysis http://brakemanscanner.org/
  • Generate model and controller UML diagrams using https://github.com/preston/railroady
    • /myapp$ ~/railroady/bin/railroady -a -i -m -p -z -t --engine-controllers -C | dot -Tsvg > controllers.svg (the dot step needs Graphviz installed)
  • Run $ rake routes (or $ rails routes on Rails 5 and later) to list controllers and routes
  • Improper use of regex anchors: in Ruby ^ and $ match at line boundaries, not string boundaries, so a validation like /^https?:\/\// can be bypassed with a multi-line value; use \A and \z instead. http://guides.rubyonrails.org/security.html#regular-expressions
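The anchor problem from the last bullet, as an added example (this is not code from the original post or from the Rails guide). Both regexes are meant to accept only http(s) URLs; the sample inputs are constructed here, and the two validator functions are hypothetical names used only for illustration.

```ruby
# Added example: why ^ and $ are the wrong anchors for validating untrusted
# input in Ruby. ^ and $ match at the start/end of any LINE, so a value that
# smuggles a second line can satisfy a /^https?:\/\/.../ check even though the
# part a browser would act on is a javascript: URL. \A and \z anchor to the
# whole string and close that gap.

LINE_ANCHORED   = /^https?:\/\/[^\n]+$/    # vulnerable: per-line anchors
STRING_ANCHORED = /\Ahttps?:\/\/[^\n]+\z/  # fixed: whole-string anchors

# Hypothetical validator using the vulnerable pattern.
def line_anchored_ok?(url)
  url.match?(LINE_ANCHORED)
end

# Hypothetical validator using the corrected pattern.
def string_anchored_ok?(url)
  url.match?(STRING_ANCHORED)
end

# Constructed test inputs: one legitimate URL and two multi-line payloads.
SAMPLES = [
  "http://example.com/",                       # legitimate
  "javascript:alert(1)\nhttp://example.com/",  # constructed bypass attempt
  "http://example.com/\njavascript:alert(1)",  # constructed bypass attempt
].freeze

# Returns the inputs the vulnerable check accepts but the fixed check rejects,
# i.e. the bypasses that ^/$ let through.
def bypasses(samples = SAMPLES)
  samples.select { |s| line_anchored_ok?(s) && !string_anchored_ok?(s) }
end

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each do |s|
    printf("%-45p line-anchored=%-5s string-anchored=%s\n",
           s, line_anchored_ok?(s), string_anchored_ok?(s))
  end
  puts "bypasses: #{bypasses.size}"
end
```

Rails' own `validates :field, format: { with: ... }` refuses a pattern that uses ^ or $ unless you pass `multiline: true`, but hand-written `=~` / `match?` checks in controllers, concerns and custom validators get no such warning, so grep for `^` and `$` anchors in any regex that touches request input.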

Debug tips

  • <variable>.methods lists the methods the object responds to (handy in rails console when you do not know the class)
  • <variable>.inspect returns a string showing the object's values

Some useful links
