May 26, 2018

Examines source code looking for security weaknesses

Flawfinder searches through source code looking for potential security flaws. Flawfinder uses an internal database called the ruleset''; the ruleset identifies functions that are common causes of security flaws. Every potential security flaw found in a given source code file matching an entry in the ruleset is called ahit,’’ and the set of hits found during any particular run is called the ``hitlist.’’

WWW https//