Showing 1 - 25 of 175

Files

GRAudit Grep Auditing Tool 3.6: Posted Apr 9, 2024; Authored by Wireghoul | Site justanotherhacker.com; Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.; Changes: Updated ruby, JavaScript, PHP, suppression, android, dotnet, nim, golang, python, c, xss, sqli, exec, default, and fruit rules. Added Kotlin rules.; tags | tool; systems | unix; SHA-256 | 96491008a9e1ad7e69bc2be9e30cea2014e7ec82fcaa4c2a1a86a984844d920e; Download | Favorite | View

GRAudit Grep Auditing Tool 3.5: Posted Dec 23, 2022; Authored by Wireghoul | Site justanotherhacker.com; Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.; Changes: Added Eiffel rules. Updated secret rules. Reduced false positives in php rules. Reduced false positives in nim rules. Added typescript rules. Fixed path issue in misc/gitscan. Bugfix for actionscript, asp and ios rules. Rule correctness adjustments to asp rules. Minor documentation updates.; tags | tool; systems | unix; SHA-256 | 3e5640bdf3520143887748dd71372f092de7b62b576127bda963e7187d1ac1e1; Download | Favorite | View

GRAudit Grep Auditing Tool 3.4: Posted Mar 2, 2022; Authored by Wireghoul | Site justanotherhacker.com; Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.; Changes: Fixed a path issue in misc/taintfind.sh. Changed installation instructions for better usage. Added link to tutorial video in documentation. Updated PHP rules. Updated dotnet rules. Updated xss rules. Updated secrets rules. Added support for setting default arguments via env vars. Added test cases for environment variables. Fixed a bug in database listing function. Updated misc/phptaint.sh.; tags | tool; systems | unix; SHA-256 | 783c5861525c5c580c13a6ffaca19e9f37ac760eb966aad82fa29217fa7a71e4; Download | Favorite | View

GRAudit Grep Auditing Tool 3.3: Posted Jan 20, 2022; Authored by Wireghoul | Site justanotherhacker.com; Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.; Changes: Fixed false positive rate in compressed js files. More secret rules. Restructured and updated classic asp rules. Updated fruit rules. Updated SQL, spsqli, ruby, android, java, and dotnet rules. Fixed greedyness in perl super global rules. Improved test case. Bug fixes for dotnet and sql rulesets. Added test case for bad quantifiers in rules. Changed test cases for consistency and portability. Rule set for auditing SCA exclusions. Updated ampscript rules. Added .github/ files for sponsorship/issues/pull requests.; tags | tool; systems | unix; SHA-256 | cce3339a277e3dbab7f9c849a9cb657c9d4d0950fd8a9a1420fad6b45a2a1fa8; Download | Favorite | View

GRAudit Grep Auditing Tool 3.2: Posted Oct 29, 2021; Authored by Wireghoul | Site justanotherhacker.com; Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.; Changes: Fixed a compatibility bug in misc/serializephp.sh. Updated PHP rules. Updated Java rules. Updated fruit rules. Updated secret rules. Updated default. Updated android rules. Updated dotnet rules. Changed misc/gitlog.sh to an interactive format. Added *.map to files that are ignored unless -A is used. Fixed line endings in some rule files. Altered some error handling slightly.; tags | tool; systems | unix; SHA-256 | 4bb85b35f11fb5501d5516eb52ee5d5fa72738aae93f70b43b6f9fe6e15ffb24; Download | Favorite | View

Flawfinder 2.0.19: Posted Aug 31, 2021; Authored by David A. Wheeler | Site sourceforge.net; Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.; Changes: Added a fix to send error messages to stderr instead of stdout.; tags | tool; systems | unix; SHA-256 | fe550981d370abfa0a29671346cc0b038229a9bd90b239eab0f01f12212df618; Download | Favorite | View

Flawfinder 2.0.18: Posted Jun 25, 2021; Authored by David A. Wheeler | Site sourceforge.net; Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.; Changes: Fixed SARIF output. SARIF output is new to flawfinder, and there was a subtle error in its generation that causes GitHub to reject the SARIF file.; tags | tool; systems | unix; SHA-256 | 6a51efd7869e0f36a00f33455ec2d1745dc36121130625887b4589e646f062c2; Download | Favorite | View

GRAudit Grep Auditing Tool 3.1: Posted Jun 22, 2021; Authored by Wireghoul | Site justanotherhacker.com; Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.; Changes: Updated secret rules. Updated dotnet rules. Updated C rules. Updated Java and Mongose rules. Added ~/graudit/signatures to database locations. Updated documentation.; tags | tool; systems | unix; SHA-256 | 7bab75bbc6330e05bd374226f5e57a1fab230a1b04db8a88cfe4b4e95c909c90; Download | Favorite | View

Flawfinder 2.0.17: Posted Jun 4, 2021; Authored by David A. Wheeler | Site sourceforge.net; Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.; Changes: Fixed the distributed tarball, which did not include the key source file due to the earlier file restructure. Minor code style fix applied, which simplifies the code slightly. Updated date in manual page to 2021.; tags | tool; systems | unix; SHA-256 | c28c1fff7657131c8f016c3309d0caeb58d367d61a5c4b56a26ac8314772d407; Download | Favorite | View

Flawfinder 2.0.16: Posted Jun 1, 2021; Authored by David A. Wheeler | Site sourceforge.net; Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.; Changes: The distributed source file is now flawfinder.py, not flawfinder. Added support for generating SARIF output. Improved handling of Git patch format.; tags | tool; systems | unix; SHA-256 | 5b12c5de0a0f75de84caaebf4b6bd3d87f3776fd3a54de3409ee9c148788251f; Download | Favorite | View

GRAudit Grep Auditing Tool 3.0: Posted Apr 29, 2021; Authored by Wireghoul | Site justanotherhacker.com; Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.; Changes: Fixed broken Java rule causing massive false positives. Additional PHP fruit rules added.; tags | tool; systems | unix; SHA-256 | a1153c5de5bd786a24a28e3e31ce5ead66ccd16a90c162f15c858d17d6001e7f; Download | Favorite | View

GRAudit Grep Auditing Tool 2.9: Posted Apr 9, 2021; Authored by Wireghoul | Site justanotherhacker.com; Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.; Changes: Fix for GRDIR applied. Improved C fruit rules. Improved js fruit rules. Started python fruit rules. Updated documentation. Various other updates as well.; tags | tool; systems | unix; SHA-256 | 41eb7846be334a34a54cdda4de506dfc8dc6be67eb610b7d6bb9b8cae80e277d; Download | Favorite | View

Flawfinder 2.0.15: Posted Jan 12, 2021; Authored by David A. Wheeler | Site sourceforge.net; Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.; Changes: Fixed some release problems in 2.0.14. Improved handling of LoadLibraryEx.; tags | tool; systems | unix; SHA-256 | 0a65cf93b1d380669476e576abbb04ea0766a557ce2bf75d9e71f387fcd74406; Download | Favorite | View

Flawfinder 2.0.14: Posted Jan 11, 2021; Authored by David A. Wheeler | Site sourceforge.net; Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.; Changes: Various Windows improvements. Various C++ improvements.; tags | tool; systems | unix; SHA-256 | b1d777fad9eb6566567a07deed6798c446e3a93d569fe11e0c0d5583cb3294eb; Download | Favorite | View

GRAudit Grep Auditing Tool 2.8: Posted Nov 19, 2020; Authored by Wireghoul | Site justanotherhacker.com; Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.; Changes: Updated Electron rules. Updated PHP rules. More scala rules and a scala signature set. Updated C rules. Updated Java rules. Many other updates as well.; tags | tool; systems | unix; SHA-256 | 25ed4c4c97f26a3df2dd64a41c356940753751abc3e5c7c9e0d7b682495221d9; Download | Favorite | View

Flawfinder 2.0.10: Posted Jun 24, 2019; Authored by David A. Wheeler | Site sourceforge.net; Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.; Changes: Uses binary mode when reading a diffhitlist.; tags | tool; systems | unix; SHA-256 | f1dcb1ec3e35685e46a8512137b8062daa1d0327900177998a405feab608adeb; Download | Favorite | View

Flawfinder 2.0.9: Posted May 20, 2019; Authored by David A. Wheeler | Site sourceforge.net; Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.; Changes: Fixes a serious defect in --diffhitlist.; tags | tool; systems | unix; SHA-256 | d7aefd002cb63e125ff20bc2960388cf63e202b7e7f971e47129f2214faca90a; Download | Favorite | View

Flawfinder 2.0.8: Posted Jan 22, 2019; Authored by David A. Wheeler | Site sourceforge.net; Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.; Changes: A number of bugs were addressed as well as some small improvements. Documentation has been tweaked.; tags | tool; systems | unix; SHA-256 | 65e05788c2e57b4037de58a42b787abd1e3f249656660cf6a3c1e9ad98a46b37; Download | Favorite | View

Flawfinder 2.0.6: Posted Apr 4, 2018; Authored by David A. Wheeler | Site sourceforge.net; Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.; Changes: Small fixes. Updated cwe.mitre.org URLs to use https.; tags | tool; systems | unix; SHA-256 | d33caeb94fc7ab80b75d2a7a871cb6e3f70e50fb835984e8b4d56e19ede143fc; Download | Favorite | View

Flawfinder 2.0.5: Posted Nov 17, 2017; Authored by David A. Wheeler | Site sourceforge.net; Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.; Changes: Added detection of crypt_r function. Added detection of errant equal, mismatch, and is_permutation. Updated CWE, risk, and discussion for C++14 STL functions. Fixed hit count reporting. Updated www.dwheeler.com URLs to use https.; tags | tool; systems | unix; SHA-256 | dcfecaf6c83e4933fc64d1fc7de757768d8f250762c08bbfa07c241fa6f2193b; Download | Favorite | View

Flawfinder 2.0.4: Posted Sep 4, 2017; Authored by David A. Wheeler | Site sourceforge.net; Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.; Changes: Now directly supports pip installs. Switched from distutils to setuptools.; tags | tool; systems | unix; SHA-256 | 43ffe3bd19cafbc4f24c53c6d80810297ebfbf9a72b693e58e59775813ee66ec; Download | Favorite | View

Flawfinder 2.0.2: Posted Aug 28, 2017; Authored by David A. Wheeler | Site sourceforge.net; Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.; Changes: Flawfinder can now run on either Python 2.7 or 3. Added more tests. Implemented additional code cleanups recommended by Pylint. Modified documentation in various ways to clarify things.; tags | tool; systems | unix; SHA-256 | 2ca96b106cbf6af495fe558e5111838c74cab0492e9b5d376f567b430e57052f; Download | Favorite | View

IP-Array IPTables Firewall Script 1.2.2: Posted Mar 28, 2016; Authored by AllKind | Site ip-array.sourceforge.net; A Linux IPv4 firewall and traffic shaper for single hosts to small and mid-sized networks. It allows flexible rule creation, while also shipping with presets for common needs. Rules are written in simple XML, allowing various ways to group and nest the iptables arguments. An interactive mode is available in order to build configuration files in a wizard based manner. Extensive documentation is also included.; Changes: This is a bugfix only release. One critical, a few major, and some minor bugs have been fixed.; tags | tool; systems | linux, unix; SHA-256 | 4c747ff421514b04d85a245812dc63289687125e8c22e296fad9d732501c0200; Download | Favorite | View

IP-Array IPTables Firewall Script 1.2.1: Posted Mar 21, 2016; Authored by AllKind | Site ip-array.sourceforge.net; A Linux IPv4 firewall and traffic shaper for single hosts to small and mid-sized networks. It allows flexible rule creation, while also shipping with presets for common needs. Rules are written in simple XML, allowing various ways to group and nest the iptables arguments. An interactive mode is available in order to build configuration files in a wizard based manner. Extensive documentation is also included.; Changes: The old /proc filesystem PROC_* variable configuration system has been removed. Now the system settings are done using the sysctl program. The sysctl rules are now written in XML. A sysctl builder has been added to the interactive mode, allowing to create sysctl rule files easily. A bash completion compspec has been added. An uninstall script has been added. Parsing of XML files by category is now possible even if not in parse-xml mode. Various fixes and improvements.; tags | tool; systems | linux, unix; SHA-256 | de001b81914740972faf4bd4d0ea388e8757a9bfd02dd6b63707be348929904a; Download | Favorite | View

IP-Array IPTables Firewall Script 1.1.2: Posted Mar 11, 2016; Authored by AllKind | Site ip-array.sourceforge.net; A Linux IPv4 firewall and traffic shaper for single hosts to small and mid-sized networks. It allows flexible rule creation, while also shipping with presets for common needs. Rules are written in simple XML, allowing various ways to group and nest the iptables arguments. An interactive mode is available in order to build configuration files in a wizard based manner. Extensive documentation is also included.; Changes: Bugfix - If in interactive mode and the dialog program was used, option lists were truncated.; tags | tool; systems | linux, unix; SHA-256 | 1776a45062cfe3936e51bcfdbca58205ae2d5cbb6213066d96bedbe4afaeeed3; Download | Favorite | View

Page 1 of 7 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 194 files
Ubuntu 67 files
Debian 24 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

Files

Top Authors In Last 30 Days

Recent News