dawn is a static source code security scanner for web applications written in Ruby. It supports major MVC frameworks such as Sinatra, Padrino and Ruby on Rails. dawn's output is a list of the security vulnerabilities affecting your code. The latest stable version contains more than 150 security checks, each with its own mitigation suggestion.
Gemfile: gem 'codesake-dawn', '~> 1.0.6'
install: gem install codesake-dawn -v 1.0.6