CRASS - grep-it.sh

In this post, we are going to see about the detailed notes & usage of CRASS (grep-it.sh), an all-in-one shell script for secure code inspection.

Short Description:

  • CRASS – Code Review Audit Script Scanner.

Description:

  • CRASS is a simple source code grep-er tool that will search for the high-potential strings in the provided code repository/directory.
  • It will try to find the IT security and privacy-related information from the provided code.
  • CRASS deals the secure code scanning for programming languages like  Java, JSP, Spring, Struts, Flex, .NET, PHP, HTML, Javascript, Python, Ruby, C, and mobile platforms like Android and iOS.
  • CRASS can work in *nix and Mac OSX (with gnu-grep from mac ports)

Language:

  • The application was developed using Shell Script.

License:

  • THE BEER-WARE LICENSE (Revision 42)

Author(s) / Contributor(s):

Icon/Image:

N/A

Screenshot demo:

CRASS - grep-it.sh
Fig 1.1 : CRASS – grep-it.sh

Requirements:

  • GNU grep
  • rm command
  • mkdir command
  • jobs, wait and wc command

Features:

  • Simple and easy to use(in CLI).
  • Not a replacement for static code analysis tool but a kind of language-independent.
  • Easy integration with any automation tools as it is based on CLI.
  • Fully based on grep(Global regular expression print) command.
  • Open-source and easily customizable based on the need (by editing the grep-it.sh file). 

Source(Link):

https://github.com/floyd-fuh/crass

Github(Link):

https://github.com/floyd-fuh/crass

Usage Command(s) / Syntax:

./grep-it.sh [directory to be analyzed] 

./main.sh [directory to be analyzed] 

Usage Tutorials:

Tutorial Link

Download(Link):

https://github.com/floyd-fuh/crass

 

Share and Enjoy !

0Shares
0 0 0

Leave a Reply

Your email address will not be published. Required fields are marked *