Projects / graudit


Graudit is a simple script with signature sets that lets you find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT, and Flawfinder, while keeping the technical requirements to a minimum and being very flexible.

Recent releases

  •  11 Jan 2011 21:49

    Release Notes: This release fixes the PHP (php/xss.db) database, which had a blank line at the end, causing everything to match. It adds a test case for blank lines in signature scripts. It adds a database validating aux script. It updates the Makefile file manifest. It fixes a bug in the test script template (t/

  •  08 Jan 2011 04:39

    Release Notes: The -L operator now does vim-friendly line numbers. Man pages and documentation were updated. Signatures for PHP, JSP, Dotnet, Perl, and Python were updated. Bugs in the aux/ scripts were fixed and additional scripts were provided. CVS directories are now ignored by default.

  •  01 Aug 2010 15:53

    Release Notes: New PHP signatures. Improved C signatures for fewer false positives. Improved dotnet signatures. Whitespace neutrality for all signatures. The -l operator lists available databases. An -x operator for excluding files. A configure script has been added to the make chain. Makefile install targets have changed; install is now server-wide.

  •  14 May 2010 12:46

    Release Notes: This release adds a bugfix for greedy separator code, imports C rules from RATS, starts a test suite transition to the Junio C Hamano Git-inspired one, adds a case-insensitive switch, adds dotnet signatures, discontinues the rough database, adds the combined database "all", and supports the GRDIR environment variable.

  •  06 Dec 2009 23:04

    Release Notes: New features for server-wide installation. A source distribution file for package maintainers. Signature bugfixes. New PHP, Python, and Perl signatures. Deprecation of the rough signature set. A fix in graudit usage text. Improved documentation. Several color modes are supported.

