In this post, we are going to see about the step by step usage of CRASS (grep-it.sh), an all-in-one shell script for secure code inspection.

 

Step 1: Creating a working directory space

Kindly create a new directory from the terminal using the command:

 mkdir crass-demo 

Make the newly created directory as the present working directory.

 cd crass-demo 

Create a working directory space
Fig 1.1 : Create a working directory space

 

Step 2: Cloning the cross repo into the created directory

Kindly clone the cross GitHub repo into the newly created directory using the below command:

git clone https://github.com/floyd-fuh/crass.git

Cloning the github repo
Fig 1.2 : Cloning CRASS GitHub repo

 

Step 3: Checking the contents of the cloned repo

Kindly check the contents of the cloned repo and you will find the file grep-it.sh and main.sh with some other files and directories.

Cloned repo contents
Fig 1.3 : Cloned repo contents

 

Step 4: Executing the code review audit scan

 Inside the cloned repo, we could see a directory called “testing” which contains the sample test files. We are going to use those files for the code review process.

Testing directory
Fig 1.4 : Testing directory

Now, we need to execute the below command to initiate the code review.

./grep-it.sh ./testing/tests/grep-test/file.txt

Executing the code review audit scan
Fig 1.5 : Executing the code review audit scan

As an alternate step, we can use the below command to initiate the code review.

./main.sh ./testing/tests/grep-test/file.txt

Step 5: Reviewing the results

Once the scanning is done, the results will be stored under the directory “\grep-output“. Kindly execute the below command to see the results:

ls ./grep-output/

Reviewing the results
Fig 1.6 : Reviewing the results

Share and Enjoy !

0Shares
0 0 0

Leave a Reply

Your email address will not be published. Required fields are marked *