Cmd Code Audit (Skavenger)
This is going to be a quick how-to audit source code under a windows environment without having installed egrep/sed.
Let’s start with the most basic code auditing line:
—
type file.ext | find /i “string”
—
While this won’t do much, the following batch script that I use from time to time, could be helpful, at least for php code auditing (you may modify it to fit your needs a.k.a. C/C++/C#/ASP/JSP/etc):
—
@echo off
echo Auditing %1
type %1 | find /i “$_GET” | more
type %1 | find /i “$_POST” | more
type %1 | find /i “$_REQUEST” | more
type %1 | find /i “include(” | more
@echo on
—
For more lines to add to it check this. Having to disappoint you, because I am going to present you a script far better than the above batch file.
Here it comes -> Skavenger
Skavenger is a source code auditing tool, written in PHP and designed for regular expression usage; so it can be more versatile than the above script. Not much to say about it, the most simple thing for you to do is download it and fool around with it. For download go to http://code.google.com/p/skavenger/downloads/list.
And if you want to continue the project, and make a better console source code auditing tool, then drop me a line at backbone46 [at] gmail (dot) com…
