drek
A static-code-analysis tool for performing security-focused code reviews.
It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns. Much like grep, drek scans a codebase for user-defined regular-expressions. Unlike grep, drek outputs its results into an ergonomic html report that allows for sorting, filtering, and annotating of points-of-interest.