Graudit source code scanner v1.1 released

In: Code Auditing , Graudit , Local auditing

18 August 2009

Graudit is a simple script and signature sets that allows you to find potential
security flaws in source code using the GNU utility grep. It’s comparable to
other static analysis applications like RATS and flaw-finder while keeping the
technical requirements to a minimum and being very flexible.

Changelog:

Improved custom db options
Improved signatures for several languages
A few minor tweaks

Tool submitted by Wireghoul (the tool author i guess)

Post scriptum

Download

Compliance Mandates

Code Auditing :
PCI/DSS 6.3.6, 6.3.7, 6.6, SOX A12.8, GLBA 16CFR Part 314.4(b) and (2);FISMA RA-5, SC-18, SA-11 SI-2, and ISO 27001/27002 (12.4.1, 12.4.3, 12.5)

Code Auditing	10 May 2010 : WebTest 1.2.1 - Testing Web Application with Python 7 May 2010 : fuu v0.1 Beta - [F]aster [U]niversal [U]npacker 24 April 2010 : Security Ninja security tool announcement 22 April 2010 : OWASP Code Crawler v2.7 released 7 April 2010 : CWE/SANS Top 25 list updated to v1.0.3
Graudit	11 December 2009 : Graudit v1.5 released 25 November 2009 : Graudit v1.4 released 3 November 2009 : Graudit v1.3 released 19 September 2009 : Graudit source code scanner v1.2 updated 18 August 2009 : Graudit source code scanner v1.1 released
Local auditing	11 May 2010 : iScanner v0.5 released - Malicious codes scanner 1 May 2010 : Sysinternal AccessChk v5.0 released 22 April 2010 : OpenSCAP v0.5.9 released 30 March 2010 : Buck Security - Checks for Debian Linux - v0.5 released 29 March 2010 : PDFResurrect v0.10 released