In this post, we are going to see about the detailed notes & usage of CRASS (grep-it.sh), an all-in-one shell script for secure code inspection.
- CRASS – Code Review Audit Script Scanner.
- CRASS is a simple source code grep-er tool that will search for the high-potential strings in the provided code repository/directory.
- It will try to find the IT security and privacy-related information from the provided code.
- CRASS can work in *nix and Mac OSX (with gnu-grep from mac ports)
- The application was developed using Shell Script.
- THE BEER-WARE LICENSE (Revision 42)
Author(s) / Contributor(s):
- GNU grep
- rm command
- mkdir command
- jobs, wait and wc command
- Simple and easy to use(in CLI).
- Not a replacement for static code analysis tool but a kind of language-independent.
- Easy integration with any automation tools as it is based on CLI.
- Fully based on grep(Global regular expression print) command.
- Open-source and easily customizable based on the need (by editing the grep-it.sh file).
Usage Command(s) / Syntax:
./grep-it.sh [directory to be analyzed]
./main.sh [directory to be analyzed]