Tool and Usage
|Programming language||shell script|
|Latest release||2.4 |
Why this tool?
Analysis of source code helps to find programming flaws including those that can lead to software vulnerabilities. Graudit helps to uncover these by searching through the files and discover possible flaws. The tool supports languages like ASP, C, Perl, PHP, Python, and others.
How it works
Graudit is short for Grep rough audit. Not surprisingly, it uses the GNU grep utility to find security flaws in source code. The tool has a set of database files that include patterns for each supported programming language. It uses these patterns to evaluate the code and see if there are any positive matches. If the tool finds a match, it will display this.
Usage and audience
graudit is commonly used for code analysis. Target users for this tool are developers, pentesters, and security professionals.
- Command line interface
Example usage and output
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code is easy to read and understand
- + Tool is easy to use
- + Used language is shell script
- + The source code of this software is available
Supported operating systems
Graudit is known to work on Linux.
Similar tools to graudit:
Gosec is a security tool that performs a static code analysis for Golang projects for security flaws. Read how it works in this review.
Bandit is an AST-based static analyzer for analyzing Python code. It helps with finding code flaws that could lead to security vulnerabilities.
Cppcheck is a static code analysis tool for C and C++ code. It helps to discover bugs that would not be picked up by compilers, yet avoid any false positives.
This tool page was updated at . Found an improvement? Help the community by submitting an update.