This is "BogoSec" developed by Dustin Kirkland, Agoston Petz, and Loulwa Salem of IBM Linux Technology Center Security Team.

It's a Perl based tool that invokes source code scanners on target code, analyzes the output, and calculates a quality metric value indicating the security level of the code.

INSTALLATION:
=============
 - Install scanners
	The following scanners are supported by BogoSec:
 	  FlawFinder 	:  http://www.dwheeler.com/flawfinder
 	  RATS 		:  http://www.securesoftware.com/resources/tools.html
	The following scanner is no longer supported:
 	  ITS4 		:  http://www.cigital.com/its4

	Install at least one of the scanners supported by BogoSec.

 - Download http://sourceforge.net/projects/bogosec/ and uncompress tarball
	tar xvzf bogosec*.tar.gz
	cd bogosec*
		or
	gunzip bogosec*.tar.gz
	tar xvf bogosec*.tar
	cd bogosec*

 - Install BogoSec using "make install"
	This will place the tool executables in /usr/bin.
	The scanner plugins will be placed in /usr/lib/bogosec/plugins.

RUN BogoSec:
============
 - Supported target_code formats:
	Single source files (*.c, *.cpp, *.c++)
	Entire source tree
	Archives (*.tar.gz, *.tgz)
	Source RPM (*.src.rpm)

 - Invoke BogoSec:
	bogosec <options> target_code
		or
	bogosec_wrapper target_directory

	Refer to man pages for more information about available options

REMOVAL:
========
 - If needed, uninstall the tool using "make uninstall"
