Graudit

Category: SAST
License: Free (Open-Source, GPL-3.0)
Suphi Cankurt
AppSec Enthusiast
Updated February 17, 2026
Key Takeaways
  • Graudit uses grep-based pattern matching with 26+ signature databases covering PHP, Python, Java, C, Ruby, JavaScript, and more.
  • Zero dependencies beyond POSIX tools (grep, sed) — runs anywhere without installing runtimes, included in Kali Linux by default.
  • Open-source under GPL-3.0 with 1,700 GitHub stars, designed for quick manual code auditing rather than CI/CD pipelines.
  • Signature databases are plain text files that are easy to customize and extend for project-specific vulnerability patterns.

Graudit is a lightweight SAST tool built on grep and POSIX regular expressions. It scans codebases for security vulnerabilities using signature databases that match dangerous function calls and insecure patterns.

With over 1,700 GitHub stars, Graudit has earned its place as a reconnaissance scanner for security researchers. It is included by default in Kali Linux.

What is Graudit?

Graudit takes a simple approach to static analysis: pattern matching with grep. It runs on any POSIX system without compilation or setup, requires only standard utilities (grep, sed, awk, bash), and processes large codebases at near-disk speed.

The tool ships with 26+ signature databases for common web languages. Security researchers can create and modify rules using familiar regular expression syntax.

26+ Signature Databases
Curated patterns for PHP, Python, Java, C, Ruby, JavaScript, Perl, ASP, JSP, and more. Each database targets language-specific security issues like SQL injection, XSS, and command execution.
Zero Dependencies
Requires only standard POSIX utilities available on any Unix-like system. No package managers, no compilation, no runtime environments. Copy and scan.

Key features

Feature | Details
Signature databases | 26 language/pattern databases
Detection method | POSIX extended regular expressions via grep
Dependencies | Standard POSIX utilities (grep, sed, awk, bash)
Installation | git clone, apt (Kali Linux), brew (macOS), make install
Output modes | Color, colorblind (-b), vim-friendly (-L), no-banner (-B)
Latest version | v4.0 (December 2025)
License | GPL-3.0
Contributors | 13

Signature databases

All 26 databases included with Graudit:

Category | Databases
Web languages | php, python, ruby, perl, js, typescript, asp, jsp
Compiled languages | c, java, dotnet, go, scala, eiffel, nim
Legacy/specialized | cobol, actionscript, ios, android
Cross-language patterns | xss, sql, spsqli, secrets, strings, exec, default, fruit

Reconnaissance tool
Graudit is a first-pass scanner that identifies obvious security issues for further investigation. It cannot track data flow, understand variable scope, or distinguish safe usages from vulnerable ones. Expect false positives that require manual review.

Getting started

1. Install — Clone the repo with git clone https://github.com/wireghoul/graudit.git, or install via apt install graudit on Kali Linux or brew install graudit on macOS.
2. Scan a project — Run graudit -d php /path/to/project to scan with a specific language database. Use -l to list available databases.
3. Review findings — Graudit shows matches with file paths and line numbers. Use -A 3 for context lines around matches or -B for machine-readable output.
4. Write custom rules — Create a text file with one regex pattern per line. Use it with graudit -d /path/to/custom.db /path/to/project.
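
To make the custom-rules step concrete, here is an added example that is not code from the Graudit project: a constructed PHP file, a custom database in Graudit's one-pattern-per-line format, and the grep step that underlies graudit -d custom.db project (the exact flag mapping to graudit is an assumption). It also shows why the results need manual review: a commented-out call and a constant query are flagged alongside the real sink.

```shell
#!/bin/sh
# Added example, not Graudit's own code: a custom signature database in
# Graudit's format (one POSIX ERE per line) run over a constructed PHP file
# with the grep call Graudit wraps. Needs only sh and grep.

# Constructed sample project: a real sink, a commented-out sink, and a
# constant query that still matches textually. A grep scanner flags all
# three; deciding which ones matter is the manual review the page describes.
make_sample() {
  dir=$(mktemp -d)
  mkdir "$dir/src"
  cat > "$dir/src/index.php" <<'EOF'
<?php
$cmd = $_GET['cmd'];
system($cmd);                   // line 3: request data reaches a command sink
// eval($old);                  // line 4: commented out, still flagged
mysqli_query($db, "SELECT 1");  // line 5: constant query, still flagged
echo htmlspecialchars($name);   // line 6: encoded output, no pattern hits
EOF
  # Custom database: portable ERE only (no \b or \s, which are GNU extensions).
  cat > "$dir/custom.db" <<'EOF'
(^|[^[:alnum:]_])(system|exec|passthru|shell_exec|popen)[[:space:]]*\(
(^|[^[:alnum:]_])eval[[:space:]]*\(
\$_(GET|POST|REQUEST|COOKIE)\[
mysqli?_query[[:space:]]*\(
EOF
  printf '%s\n' "$dir"
}

# The core step: -E POSIX ERE, -n line numbers, -r recurse, -f one pattern
# per line. Assumed to be the step behind: graudit -d "$1" "$2"
scan() {
  grep -nEr -f "$1" "$2"
}

# Flagged lines as path:line:text, then remove the temporary project.
demo_hits() {
  dir=$(make_sample)
  scan "$dir/custom.db" "$dir/src"
  rm -rf "$dir"
}

# Number of flagged lines: 4 here, of which only lines 2-3 merit follow-up.
demo_hit_count() {
  demo_hits | wc -l | tr -d ' '
}
```

Run it with `demo_hits` to see the four matches; lines 4 and 5 are the false positives a grep-only scanner cannot rule out on its own.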

When to use Graudit

Graudit works best as a fast first-pass scanner for security researchers auditing unfamiliar codebases. It catches common vulnerabilities without any setup overhead.

For production security programs, pair Graudit with semantic analysis tools like Semgrep or CodeQL that understand code structure and can track data flow.

Best for
Security researchers who need a fast, zero-dependency reconnaissance scanner for quick code audits.

Frequently Asked Questions

What is Graudit?
Graudit is a lightweight grep-based source code auditing tool with 26+ signature databases for PHP, Python, Java, C, Ruby, JavaScript, and more. It uses POSIX extended regular expressions to match dangerous function calls and insecure patterns.
Is Graudit free?
Yes. Graudit is free and open-source under the GPL-3.0 license. It requires only standard POSIX utilities (grep, sed, awk, bash) and is included by default in Kali Linux.
How does Graudit compare to Semgrep?
Graudit uses simple grep-based pattern matching, while Semgrep uses semantic analysis that understands code structure. Graudit is faster to set up and runs on any POSIX system, but produces more false positives and cannot track data flow. Graudit is best as a quick reconnaissance scanner, not a replacement for semantic analysis tools.