In this post, we are going to see about the step by step usage of CRASS (grep-it.sh), an all-in-one shell script for secure code inspection.
Step 1: Creating a working directory space
Kindly create a new directory from the terminal using the command:
mkdir crass-demo
Make the newly created directory as the present working directory.
cd crass-demo
Step 2: Cloning the cross repo into the created directory
Kindly clone the cross GitHub repo into the newly created directory using the below command:
git clone https://github.com/floyd-fuh/crass.git
Step 3: Checking the contents of the cloned repo
Kindly check the contents of the cloned repo and you will find the file grep-it.sh and main.sh with some other files and directories.
Step 4: Executing the code review audit scan
Inside the cloned repo, we could see a directory called “testing” which contains the sample test files. We are going to use those files for the code review process.
Now, we need to execute the below command to initiate the code review.
./grep-it.sh ./testing/tests/grep-test/file.txt
As an alternate step, we can use the below command to initiate the code review.
./main.sh ./testing/tests/grep-test/file.txt
Step 5: Reviewing the results
Once the scanning is done, the results will be stored under the directory “\grep-output“. Kindly execute the below command to see the results:
ls ./grep-output/
