NAME¶

graudit — source code auditing tool

SYNOPSIS¶

DESCRIPTION¶

graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. Its arguments are as follows:

-A

Scan ALL files

-c num

Number of lines of context to display (Default: 2; one before and one after the matching line)

-d database

Signature database to use

-h

Print short help message

-i

Case in-sensitive search

-l

Lists available database

-L

Prints line numbers in a paste friendly format for vim

-v

Print version number

-x

Exclude files matching this pattern

-z

Supress colors

-Z

High contrast colors

/path/to/scan

Directory or files to scan

By default, graudit will scan most files and directories (excluding *.gz, *.zip, *.gif, *.jpg, *.png, .svn/, .git/ and .CVS/) under /path/to/scan using the default signature database and display two lines of context using the standard grep colors. Running graudit some/dir/ is the same as running graudit -c 1 -d default some/dir/

EXIT STATUS¶

The exit status is 0 if a signature match is found and 1 otherwise. An exit status of 2 means an error occurred.

SEE ALSO¶

grep(1)(graudit(7))

AUTHORS¶

graudit was written by Eldar Marcussen - http://www.justanotherhacker.com.