dawn is a static source code security analyzer for web applications written in Ruby. It supports major MVC frameworks such as Sinatra, Padrino and Ruby on Rails. dawn's output is a list of the security vulnerabilities affecting your code, with a suggestion on how to mitigate each of them.
Gemfile: gem 'codesake-dawn', '~> 0.75'
Install: gem install codesake-dawn -v 0.75