Grepify – a Small Tool for Code Reviewers

A quick post to announce NCC Group’s first tool has been pushed to our Github repo at https://github.com/nccgroup/.

So what is Grepify?

It’s basically a regex engine with a Windows GUI with some short cuts and pre-defined profiles to aid in security focused code reviews. It’s not very clever but for often repeated tasks performed across code bases it can help.

What can Grepify do?

  • Scan ASCII files for matches to the ‘profiles’ (list of regexes) you supply quickly
  • Skip over defined ‘comments’ in the code (again another set of regexes)
  • Skip over files with test in the name or path
  • Allow you to double click on result, have it open in your editor of choice and seek to the correct line
  • Show the file in Explorer
  • Export the results as CSV

What code profiles does it support?

Currently there are profiles for numerous different platforms including Microsoft Windows, Apple iOS and Generic C plus initial odds and ends for a variety of other languages. We expect these to grow over time.

Where do I get the code?

https://github.com/nccgroup/grepify

Where do I get the binaries?

https://github.com/nccgroup/grepify/raw/master/Release/Release.zip

How about a screenshot?

Want more open source tools form NCC Group companies?

Original Publish date:  12 April 2013

Original Author:  Ollie Whitehouse