RATS (Rough Auditing Tool for Security) is an open-source, lightweight static code analysis utility designed to scan source code for potential security vulnerabilities. Originally developed by Secure Software Inc., it acts as a fast, introductory checkpoint for developers and security analysts to flag risky code patterns before manual, in-depth code reviews begin.

Core Purpose & Philosophy

True to its name, RATS does not perform a deep semantic or control-flow analysis of code. Instead, it relies heavily on pattern matching and lexical scanning against a predefined vulnerability database.

The Goal: It does not definitively prove a bug exists. Instead, it highlights “potentially dangerous” elements to provide a reasonable starting point for human auditors.

Speed vs. Accuracy: Because it skips compilation and abstract syntax tree tracking, it is extremely fast. The trade-off is a high rate of false positives (flagging safe code as vulnerable) and occasional false negatives (missing flaws that a purely lexical scan cannot see).

Key Features

Multi-Language Support: RATS can scan code written in C, C++, Perl, PHP, Python, and Ruby.

Vulnerability Target: It primarily searches for classic security flaws, such as buffer overflows, format string vulnerabilities, and TOCTOU (Time Of Check, Time Of Use) race conditions.

XML-Driven Database: The rules RATS uses to flag vulnerabilities are stored in an editable XML format (rats.xml). Teams can add custom functions or rules to this database to tailor the tool to their environment.

Severity Prioritization: RATS categorizes issues by relative severity (High, Medium, Low) so developers know which alerts to investigate first.

How to Use RATS

RATS is a classic command-line tool. After installing the binary from a source such as the RATS GitHub repository (andrew-d/rough-auditing-tool-for-security), running an audit is straightforward:

    rats [options] [file1 file2 … or directory]

Common Command Line Options:
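To make the approach described above concrete, here is a toy scanner in the same spirit as RATS, written for this page as an illustration (it is not RATS's own code). It loads a small rule database from XML, performs a purely lexical match of call sites against the listed function names, and ranks the findings High, Medium, Low with a minimum-severity cutoff, which mirrors the speed-versus-accuracy trade-off, the XML-driven database and the severity prioritization discussed in the earlier sections. The XML schema, the rule entries and the C input are all constructed for the example; the element names are not those of the real rats.xml. The C sample deliberately contains one bounded strcpy and one constant-format printf that a lexical scan flags anyway (false positives) and a strcpy hidden behind a macro alias that it misses (a false negative).

```python
"""Toy RATS-style scanner: lexical matching of call sites against an XML rule
database, ranked by severity. Added illustration, not code from RATS itself."""
import re
import xml.etree.ElementTree as ET

# Constructed rule database. The element names are a simplified schema invented
# for this example; the real rats.xml uses its own layout.
RULES_XML = """<rules>
  <rule name="strcpy" severity="High">Unbounded copy into a fixed buffer (buffer overflow)</rule>
  <rule name="gets" severity="High">Reads a line with no length limit (buffer overflow)</rule>
  <rule name="printf" severity="Medium">Format string flaw if argument 1 is attacker-controlled</rule>
  <rule name="access" severity="Low">Check-then-use race (TOCTOU) between the check and the later use</rule>
</rules>"""

# Constructed C input; the comments refer to the line numbers the scanner reports.
SAMPLE_C = r"""#include <string.h>
#include <stdio.h>
#include <unistd.h>
#define COPY strcpy   /* alias hides the call from a lexical scan */
int main(int argc, char **argv) {
    char buf[16];
    strcpy(buf, "hi");         /* bounded in practice: flagged anyway (false positive) */
    strcpy(buf, argv[1]);      /* genuine overflow */
    COPY(buf, argv[2]);        /* same overflow, missed (false negative) */
    printf("%s\n", buf);       /* constant format string: flagged anyway */
    printf(argv[1]);           /* genuine format string bug */
    if (access("/tmp/f", W_OK) == 0) {   /* check-then-use (TOCTOU) */
        gets(buf);
    }
    return 0;
}"""

SEVERITY_RANK = {"High": 0, "Medium": 1, "Low": 2}
# Anything that looks like `identifier(` is treated as a call; no parsing is done.
CALL_RE = re.compile(r"\b([A-Za-z_]\w*)\s*\(")


def load_rules(xml_text):
    """Parse the rule DB into {function_name: (severity, description)}."""
    root = ET.fromstring(xml_text)
    return {r.get("name"): (r.get("severity"), (r.text or "").strip())
            for r in root.findall("rule")}


def scan(source, rules, min_severity="Low"):
    """Flag every token that looks like a call to a listed function.

    Purely lexical, like RATS: no data-flow or control-flow analysis, so a
    safe call is flagged and a call hidden behind a macro alias is missed.
    Findings at or above min_severity are returned, most severe first."""
    cutoff = SEVERITY_RANK[min_severity]
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for m in CALL_RE.finditer(line):
            name = m.group(1)
            if name in rules:
                severity, description = rules[name]
                if SEVERITY_RANK[severity] <= cutoff:
                    findings.append({"line": lineno, "function": name,
                                     "severity": severity,
                                     "description": description})
    findings.sort(key=lambda f: (SEVERITY_RANK[f["severity"]], f["line"]))
    return findings


def report(findings):
    """Render findings as one human-readable line each."""
    return [f"{f['severity']}: line {f['line']}: {f['function']}() - {f['description']}"
            for f in findings]


if __name__ == "__main__":
    for entry in report(scan(SAMPLE_C, load_rules(RULES_XML))):
        print(entry)
```

Running it lists six findings: three High (the two strcpy calls and gets), two Medium (both printf calls) and one Low (access). The macro-aliased COPY call on line 9 never appears, and the two harmless calls on lines 7 and 10 do, which is exactly the kind of output a human auditor then has to triage; raising min_severity to "Medium" or "High" trims the list in the same way a warning-level option would.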
