Graudit – Grep Rough Audit – Source Code Auditing Tool

graudit is a simple script plus a set of signature databases that lets you find potential security flaws in source code using the GNU utility grep. It is comparable to other static analysis tools like RATS, SWAAT and Flawfinder while keeping the technical requirements to a minimum and staying very flexible.


graudit uses POSIX extended regular expressions as its signatures and comes with several databases ready for use. You can extend the existing databases or make your own if you require additional signatures.

Installation can be done as a user or globally as root: simply run make with the userinstall or install argument. It is, however, recommended to use the tool directly from a clone of the git repository, as it includes additional database rules that are not part of the distribution files. This also lets you pick up updates between releases.

Databases can be loaded from multiple locations; the order of precedence is as follows:

  1. Custom location specified via the GRDIR environment variable
  2. /usr/share/graudit/
  3. $HOME/.graudit/
  4. A signature/ directory relative to the script's location
  5. A misc/ directory relative to the script's location
  6. Any file that is specified with a full path, i.e: /home/user/my.db
  7. Rules can be read from stdin by supplying - or /dev/stdin as the database

A list of the database files in order of precedence is shown with the -l switch: graudit -l
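The lookup order above and the grep pass behind it, as an added example written for this post rather than graudit's own script: it assumes a database NAME is looked up as NAME.db holding one extended regular expression per line, and that "location" in items 4 and 5 means the directory the script lives in.

```shell
#!/bin/sh
# Added example, not graudit's own code: a minimal reimplementation of the
# database lookup order described above, followed by the grep -E pass.
# Assumptions: a database NAME is looked up as NAME.db, one POSIX extended
# regular expression per line, and "location" means the script's directory.

script_dir=$(cd "$(dirname -- "$0")" 2>/dev/null && pwd) || script_dir=.

# resolve_db NAME: print the first database found in order of precedence,
# return 1 if none matches.
resolve_db() {
    name=$1
    case $name in
        -|/dev/stdin) echo /dev/stdin; return 0 ;;           # 7. rules from stdin
        /*) [ -f "$name" ] && { echo "$name"; return 0; } ;; # 6. full path
    esac
    # 1. GRDIR  2. system dir  3. per-user dir  4./5. signatures/ and misc/
    for dir in "${GRDIR:-}" /usr/share/graudit "$HOME/.graudit" \
               "$script_dir/signatures" "$script_dir/misc"; do
        if [ -n "$dir" ] && [ -f "$dir/$name.db" ]; then
            echo "$dir/$name.db"; return 0
        fi
    done
    return 1
}

# rough_audit NAME FILE...: print file:line:text for every signature hit;
# exit status follows grep (0 = hits found, 1 = clean, 2 = error).
rough_audit() {
    db=$(resolve_db "$1") || { echo "graudit: no database '$1'" >&2; return 2; }
    shift
    grep -E -n -H -f "$db" "$@"
}

# demo: constructed signature database and sample source, prints the hit count.
demo() {
    tmp=$(mktemp -d)
    mkdir "$tmp/sigs"
    printf '%s\n' 'eval[[:space:]]*\(' 'system[[:space:]]*\(' > "$tmp/sigs/php.db"
    printf '%s\n' '<?php' '$out = eval($_GET["code"]);' 'echo "hello";' \
        'system ($cmd);' > "$tmp/app.php"
    GRDIR=$tmp/sigs; export GRDIR          # custom location wins (item 1)
    hits=$(rough_audit php "$tmp/app.php" | wc -l)
    rm -rf "$tmp"
    echo $((hits))
}
```

Running `demo` reports 2 hits: the eval() and system() lines of the constructed sample, each printed as file:line:text so reviewers can triage them.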

You can read more and download this tool over here:
