Shellharden


Tool and Usage

Project details

License
MPL 2.0
Programming language
Rust
Latest release
4.3.1
Latest release date

Project health

85
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Shellharden helps to detect flaws in shell scripts that may result in vulnerabilities. While being similar to Shellcheck, this tool can apply the suggested changes to a shell script.

How it works

Shellharden focuses on the proper use of variable quoting. It scans the code for variable expansions and determines whether each one is quoted. The tool uses colored output to show what should be added (green) or removed (red).

Background information

The project was first released in February of 2017. The GitHub project page has a clear description of the project and why to use the tool. It provides a screenshot and some helpful commands for beginners. We can't find the full name of the author (anordal), which might be a possible improvement to add to the project.

Usage and audience

Shellharden is commonly used for code analysis. Target users for this tool are developers, pentesters, security professionals, and system administrators.

Features

  • Colored output
  • Command line interface

Example usage and output

Shellharden: A bash syntax highlighter that encourages
(and can fix) proper quoting of variables.

Usage:
shellharden filename.bash
cat filename.bash | shellharden ''

Options:
--suggest Output a colored diff suggesting changes.
--syntax Output syntax highlighting with ANSI colors.
--syntax-suggest Diff with syntax highlighting (default mode).
--transform Output suggested changes.
--check No output; exit with 2 if changes are suggested.
--replace Replace file contents with suggested changes.
-- Don't treat further arguments as options.
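To see why Shellharden treats unquoted variables as flaws, the following added example (not code from the page or from the Shellharden project) reproduces the behaviour it flags: an unquoted expansion is subject to word splitting and pathname globbing, so a single value can become several arguments, some of them file names from the current directory. The sample value and the temporary files are constructed for the demonstration.

```shell
#!/bin/sh
# Constructed sample value: contains whitespace and a glob character.
SAMPLE='my file *.txt'

# Constructed scratch directory with two matching files, so the glob
# in the unquoted case actually expands to something.
demo_dir=$(mktemp -d)
: > "$demo_dir/a.txt"
: > "$demo_dir/b.txt"
trap 'rm -rf "$demo_dir"' EXIT

# Unquoted $SAMPLE (what Shellharden marks in red): the shell splits it
# on whitespace and expands "*.txt" against the directory contents.
count_unquoted() {
    ( cd "$demo_dir" || exit 1
      set -- $SAMPLE
      echo "$#" )
}

# Quoted "$SAMPLE" (what Shellharden adds in green): the value stays
# one argument, whatever it contains.
count_quoted() {
    ( cd "$demo_dir" || exit 1
      set -- "$SAMPLE"
      echo "$#" )
}

echo "unquoted argument count: $(count_unquoted)"   # 4: my, file, a.txt, b.txt
echo "quoted argument count:   $(count_quoted)"     # 1
```

The unquoted form yields four arguments, two of which were never in the original value; a command built that way can act on files the author did not intend. Running `shellharden --transform` over a script that uses `$SAMPLE` unquoted produces the quoted form shown in the second function.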

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + Tool is easy to use
  • + More than 3000 GitHub stars
  • + The source code of this software is available

Weaknesses

  • - Full name of author is unknown

Installation

Supported operating systems

Shellharden is known to work on Linux.

Shellharden alternatives

Similar tools to Shellharden:

Cppcheck (score 93)

Cppcheck is a static code analysis tool for C and C++ code. It helps to discover bugs that would not be picked up by compilers, while avoiding false positives.

gosec (score 85)

Gosec is a security tool that performs static code analysis on Golang projects to find security flaws.

graudit (score 70)

Graudit is a security tool that performs static code analysis using the grep tool. It is a lightweight solution for finding common issues in code.

All Shellharden alternatives


Related tool information

Categories

This tool is categorized as a code security testing tool, linting tool, and static code analyzer.
