This repository contains a script to test other bash scripts for syntax errors and static issues.
The script you have is already pretty solid, checking for:
Syntax errors using bash -n.
Static analysis using ShellCheck.
Checking for dangerous commands that might be malicious.
Conclusion
The script is now more comprehensive, checking for:
Syntax errors and static analysis using ShellCheck.
Dangerous commands, file operations, and root privilege requests.
Sensitive data like passwords and API keys.
Network activity and system information gathering.
Possible obfuscation techniques like base64 encoding.
This should help you catch both basic issues and some common signs of malicious behavior in Bash scripts. Always remember, this is just a starting point, and further manual review is essential for truly secure coding practices.
Run the test_bash_script.sh with the script you want to check:
./test_bash_script.sh <script_to_test.sh>
For better testing perfomance install:
sudo apt install shellcheck # for Ubuntu/Debian-based systems
brew install shellcheck # for macOS with Homebrew
Make it executable:
chmod +x test_bash_script.sh
Run it with the bash script you want to check:
./test_bash_script.sh your_script.sh