RATS(1)                     General Commands Manual                    RATS(1)

NAME
       rats - Rough Auditing Tool for Security

SYNOPSIS
       rats [options] [file]...

DESCRIPTION
       rats is a rough auditing tool for security developed by Secure
       Software, Inc.  It is a tool for scanning C, Perl, PHP, and Python
       source code and flagging common security-related programming errors
       such as buffer overflows and TOCTOU (Time Of Check, Time Of Use) race
       conditions.  As its name implies, the tool performs only a rough
       analysis of source code.  It will not find every error and will also
       find things that are not errors.  Manual inspection of your code is
       still necessary, but greatly aided by this tool.

       When started, RATS will scan each file, or each file in the directory,
       specified on the command line and produce a report when scanning is
       complete.  Which vulnerabilities are reported in the final report
       depends on the data contained in the vulnerability database or
       databases that are used and on the warning level in use.

       For each vulnerability, the list of files and line numbers where it
       occurred is given, followed by a brief description of the
       vulnerability and a suggested action.

OPTIONS
       -h, --help
              Display a brief usage summary and exit.

       -a <fun>
              Report any occurrence of function 'fun' in the source file(s).

       -d <filename>, --database <filename>, --db <filename>
              Specifies a vulnerability database to be loaded.  You may have
              multiple -d options and each database specified will be loaded.

       -i, --input
              Causes a list of the function calls used that accept external
              input to be produced at the end of the vulnerability report.

       -l <lang>, --language <language>
              Force the specified language to be used regardless of filename
              extension.  Currently valid language names are "c", "perl",
              "php" and "python".

       -r, --references
              Causes references to vulnerable functions that are not being
              used as calls themselves to be reported.

       -w <level>, --warning <level>
              Sets the warning level.  Valid levels are 1, 2 or 3.

              1 includes only default and high severity.

              2 includes medium severity (default).

              3 includes low severity vulnerabilities.

       -x     Causes the default vulnerability databases (which are in the
              installation data directory, /usr/share/rats by default) to not
              be loaded.

       -R, --no-recurssion
              Do not recurse into subdirectories when encountered.

       --xml  Output in XML.

       --html Output in HTML.

       --follow-symlinks
              Follow symlinks and treat them like whatever they are pointing
              to.  If the symlink points to a directory it will be descended
              into unless -R is specified; if it points to a file, it will be
              treated as a file.

AUTHOR
       This manual page was originally written by Adam Lazur <adam@lazur.org>,
       for the Debian GNU/Linux system (but may be used by others).

       Modified by Secure Software, Inc.

                             September 17, 2001                       RATS(1)