Graudit Frequently Asked Questions (FAQ)


What is graudit?
Graudit is a semantic static analysis tool that highlights potential vulnerabilities in source code.


Who should use graudit?
System administrators, developers, auditors, vulnerability researchers and anyone else who cares to know whether the application they develop, deploy or otherwise use is secure.

What languages are supported?
Version 1.5 shipped with support for the following languages:
  • ASP
  • JSP
  • Perl
  • PHP
  • Python
  • Other (looks for suspicious comments, etc.)

Can you add support for language x, y, z?
I can add support for almost any language, but if I don't program in the language myself, it is likely to have a high false-positive or even false-negative rate. If you can point me to an existing set of rules for a language, I can convert these to graudit.

Can I help?
Sure you can! I could use help with anything and everything: improved rulesets, documentation, packaging, testing, etc. And if you're unable to help with any of these, you can tell someone else about graudit.
This weblog is licensed under a Creative Commons License.