ITS4 is a command-line tool for statically scanning C and C++ source code for security vulnerabilities. ITS4 scans through source code for potentially dangerous function calls that are stored in a database. Anything that is in the database gets flagged. ITS4 tries to automate a lot of the grepping usually done by hand when performing security audits.
eda8d0762c06c5ed9847ce9f0187e7f3c53a4cd482084ddf434522078030e383