VisualCodeGrepper V2.0.0

Code security review tool for C/C++, C#, VB, PHP, Java and PL/SQL.

4.7 Stars (6)
103 Downloads (This Week)
Last Update:
Download VCG-Setup.zip
Browse All Files
Windows

Screenshots

Description

VCG is an automated code security review tool for C++, C#, VB, PHP, Java and PL/SQL which is intended to drastically speed up the code review process by identifying bad/insecure code.

It has a few features that should make it useful. In addition to performing some more complex checks it also has a config file for each language that basically allows you to add any bad functions (or other text) that you want to search for. It attempts to find phrases within comments that can indicate broken code and it provides stats and a pie chart (for the entire codebase and for individual files) showing relative proportions of code, whitespace, comments, '€˜ToDo'€™ style comments and bad code.

I've tried to produce something which doesn'€™t return the large number of false positives returned by some tools and which also searches intelligently for buffer overflows and signed/unsigned comparison in C, violations of OWASP recommendations in Java code, etc.

Current version: 2.0.0

VisualCodeGrepper V2.0.0 Web Site

Update Notifications





User Ratings

★★★★★
★★★★
★★★
★★
4
2
0
0
0
ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 4 / 5
features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 4 / 5
design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 4 / 5
support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 3 / 5
Write a Review

User Reviews

  • gmaran23
    1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    Thank you for the excellent work. I tried reverse engineering v 1.6 to support CLI so I could automate scans, but seems like v2.0 already supports it (haven't tried it yet though). When Microsoft CAT.NET went to oblivion, and with commercial tools are skyrocketing prices - VisualCodeGrepper is a viable and easy to use alternative! Will try v 2.0 at my earliest and share feedback. btw, VisualCodeGrepper is also mentioned on checkmarx blog under the title 'The Ultimate List of Open Source Static Code Analysis Security Tools'.

    Posted 11/19/2014
  • jonahbailey
    1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    Nice and simple.

    Posted 02/18/2013
  • isaiahavila
    1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    works perfectly.

    Posted 01/25/2013
  • lukasford
    1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    Stable and works.

    Posted 12/26/2012
Read more reviews

Additional Project Details

Intended Audience

Information Technology, Security

User Interface

Win32 (MS Windows)

Registered

2012-11-19
Screenshots can attract more users to your project.
Features can attract more users to your project.

Icons must be PNG, GIF, or JPEG and less than 1 MiB in size. They will be displayed as 48x48 images.