Graudit is a simple script with a collection of signature sets that lets you find potential security flaws in source code using the GNU utility grep. It is comparable to other static analysis applications like RATS, SWAAT, and Flawfinder, while keeping the technical requirements to a minimum and remaining very flexible.
Tags: Security code review vulnerability Detection
Operating Systems: Linux, Mac, Cygwin
Release Notes: This release fixes the PHP (php/xss.db) database, which had a blank line at the end, causing everything to match. It adds a test case for blank lines in signature scripts. It adds a database-validating aux script. It updates the Makefile file manifest. It fixes a bug in the test script template (t/blank-test.sh).
Release Notes: The -L operator now does vim-friendly line numbers. Man pages and documentation were updated. Signatures for PHP, JSP, Dotnet, Perl, and Python were updated. Bugs in the aux/ scripts were fixed and additional scripts were provided. CVS directories are now ignored by default.
Release Notes: New PHP signatures. Improved C signatures for fewer false positives. Improved dotnet signatures. Whitespace neutrality for all signatures. The -l operator lists available databases. An -x operator for excluding files. A configure script has been added to the make chain. Makefile install targets have changed; install is now server-wide.
Release Notes: This release adds a bugfix for greedy separator code, imports C rules from RATS, starts a test suite transition to the Junio C Hamano Git-inspired one, adds a case-insensitive switch, adds dotnet signatures, discontinues the rough database, adds the combined database "all", and supports the GRDIR environment variable.
Release Notes: New features for server-wide installation. A source distribution file for package maintainers. Signature bugfixes. New PHP, Python, and Perl signatures. Deprecation of the rough signature set. A fix in graudit usage text. Improved documentation. Several color modes are supported.