mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-26 22:06:35 +01:00
…
|
||
---|---|---|
.. | ||
rats.info | ||
rats.SlackBuild | ||
README | ||
slack-desc |
RATS - Rough Auditing Tool for Security RATS is an open source tool developed and maintained by Secure Software security engineers. Secure Software was acquired by Fortify Software, Inc. RATS is a tool for scanning C, C++, Perl, PHP and Python source code and flagging common security related programming errors such as buffer overflows and TOCTOU (Time Of Check, Time Of Use) race conditions. RATS scanning tool provides a security analyst with a list of potential trouble spots on which to focus, along with describing the problem and potentially suggest remedies. It also provides a relative assessment of the potential severity of each problem, to better help an auditor prioritize. This tool also performs some basic analysis to try to rule out conditions that are obviously not problems. As its name implies, the tool performs only a rough analysis of source code. It will not find every error and will also find things that are not errors. Manual inspection of your code is still necessary, but greatly aided with this tool. Example usage - to analyze "main.c": rats --db /usr/share/rats-2.3/rats-c.xml main.c