Find regular expressions vulnerable to ReDoS
https://github.com/doyensec/regexploit
Many default regular expression parsers have unbounded worst-case complexity.
Regex matching may be quick when presented with a matching input string.
However, certain non-matching input strings can make the regular expression
matcher go into crazy backtracking loops and take ages to process. This can
cause denial of service, as the CPU will be stuck trying to match the regex.
This tool is designed to:
* find regular expressions which are vulnerable to ReDoS
* give an example malicious string which will cause catastrophic backtracking
Supports:
- C#
- JavaScript/TypeScript (requires node to be installed)
- JSON
- Python
- YAML
- Devel package for openSUSE:Factory
- Links to openSUSE:Factory / regexploit
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout security/regexploit && cd $_ - Create Badge
Refresh
Refresh
Source Files (show unmerged sources)
| Filename | Size | Changed |
|---|---|---|
| regexploit-1.0.0.tar.gz | 0000072704 71 KB | |
| regexploit.changes | 0000000376 376 Bytes | |
| regexploit.spec | 0000002282 2.23 KB |
Latest Revision
buildservice-autocommit
accepted
request 1143291
from
Sebastian Wagner (sebix)
(revision 5)
Sebastian Wagner (sebix)
(revision 5)
baserev update by copy to link target
Comments 0