A quick post to announce NCC Group’s first tool has been pushed to our Github repo at https://github.com/nccgroup/.
So what is Grepify?
It’s basically a regex engine with a Windows GUI with some short cuts and pre-defined profiles to aid in security focused code reviews. It’s not very clever but for often repeated tasks performed across code bases it can help.
What can Grepify do?
- Scan ASCII files for matches to the ‘profiles’ (list of regexes) you supply quickly
- Skip over defined ‘comments’ in the code (again another set of regexes)
- Skip over files with test in the name or path
- Allow you to double click on result, have it open in your editor of choice and seek to the correct line
- Show the file in Explorer
- Export the results as CSV
What code profiles does it support?
Currently there are profiles for numerous different platforms including Microsoft Windows, Apple iOS and Generic C plus initial odds and ends for a variety of other languages. We expect these to grow over time.
Where do I get the code?
Where do I get the binaries?
How about a screenshot?
Want more open source tools form NCC Group companies?
- https://github.com/isecpartners – iSec Partners
- https://bitbucket.org/IntrepidusGroup – Intrepidus Group
Original Publish date: 12 April 2013
Original Author: Ollie Whitehouse