{"id":2279,"date":"2015-05-02T19:05:17","date_gmt":"2015-05-02T11:05:17","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=2279"},"modified":"2015-09-09T19:36:38","modified_gmt":"2015-09-09T11:36:38","slug":"graudit-v1-9-download-grep-source-code-auditing-tool","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2015\/05\/graudit-v1-9-download-grep-source-code-auditing-tool\/","title":{"rendered":"Graudit v1.9 Download &#8211; Grep Source Code Auditing Tool"},"content":{"rendered":"<p>Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It&#8217;s comparable to other static analysis applications and source code auditing tool sets like <a href=\"https:\/\/www.darknet.org.uk\/2009\/11\/rats-rough-auditing-tool-for-security\/\">RATS<\/a>, <a href=\"https:\/\/www.darknet.org.uk\/2006\/09\/security-compass-web-application-analysis-tool-swaat\/\">SWAAT<\/a> and <a href=\"https:\/\/www.darknet.org.uk\/2009\/09\/flawfinder-source-code-auditing-tool\/\">flaw-finder<\/a> while keeping the technical requirements to a minimum and being very flexible.<\/p>\n<p align=\"center\"><img decoding=\"async\" src=\"https:\/\/farm8.staticflickr.com\/7664\/17153934220_d6f4e8d9c1.jpg\" alt=\"Graudit v1.9 Download - Grep Source Coding Auditing Tool\" \/><\/p>\n<p>You can find a full selection of <a href=\"https:\/\/www.darknet.org.uk\/tag\/code-auditing-tool\/\">code auditing tools here<\/a>.<\/p>\n<h3>Usage<\/h3>\n<p>Graudit supports several options and tries to follow good shell practices. For a list of the options you can run graudit -h or see below. The simplest way to use graudit is;<\/p>\n<pre>graudit <options> \/path\/to\/scan<\/pre>\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3033787195489589\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- Darknet Responsive Post Ad Links [previously link ad unit] -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-3033787195489589\"\r\n     data-ad-slot=\"5456620019\"\r\n     data-ad-format=\"auto\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script>\n<p>The following options are available:<\/p>\n<pre>  -A scan ALL files\r\n  -c <num> number of lines of context to display, default is 2\r\n  -d <db> database to use\r\n  -h prints a short help text\r\n  -i case in-sensitive search\r\n  -l lists databases available\r\n  -L vim friendly lines\r\n  -v prints version number\r\n  -x exclude these files\r\n  -z supress colors\r\n  -Z high contrast colors<\/pre>\n<h3>Databases<\/h3>\n<p>Graudit uses extended regular expressions (POSIX) as it&#8217;s signatures and comes with several databases ready for use. You can extend the existing databases or make your own if you require additional signatures.<\/p>\n<ul>\n<li>All is a combined database of all the databases listed below<\/li>\n<li>ASP offers basic auditing support for the Active Server Pages languages<\/li>\n<li>C offers support for the C programming language<\/li>\n<li>Default is aimed at finding low hanging fruit. It contains generic rules that should match common vulnerabilites in several languages. However, in order to find additional vulnerabilities for a specific language you should use the language specific databases.<\/li>\n<li>Dotnet offers basic dot net support<\/li>\n<li>JSP basic JSP support.<\/li>\n<li>Other looks for source comments that could indicate problems<\/li>\n<li>Perl basic support for perl<\/li>\n<li>PHP tracks user input and function calls<\/li>\n<li>Python basic python support<\/li>\n<\/ul>\n<p>You can download Graudit v1.9 here:<\/p>\n<p><a href=\"http:\/\/www.justanotherhacker.com\/projects\/graudit-1.9.tar.gz\">graudit-1.9.tar.gz<\/a><\/p>\n<p>Or read more <a href=\"http:\/\/www.justanotherhacker.com\/projects\/graudit.html\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It&#8217;s comparable to other static analysis applications and source code auditing tool sets like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very flexible. You [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"Graudit is a simple source code auditing tool with signature sets that allows you to find potential security flaws in source code using grep.","_seopress_robots_index":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[12,29,11],"tags":[2866,4334,1162,4338],"featured_image_src":null,"featured_image_src_square":null,"author_info":{"display_name":"Darknet","author_link":"https:\/\/www.darknet.org.uk\/author\/darknet\/"},"_links":{"self":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/2279"}],"collection":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/comments?post=2279"}],"version-history":[{"count":0,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/2279\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/media?parent=2279"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/categories?post=2279"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/tags?post=2279"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}