Package Info

regexploit

install

Find regular expressions vulnerable to ReDoS

Unspecified
Many default regular expression parsers have unbounded worst-case complexity.
Regex matching may be quick when presented with a matching input string.
However, certain non-matching input strings can make the regular expression
matcher go into crazy backtracking loops and take ages to process. This can
cause denial of service, as the CPU will be stuck trying to match the regex.


This tool is designed to:


    

  • find regular expressions which are vulnerable to ReDoS
    • 

  • give an example malicious string which will cause catastrophic backtracking
    • 



Supports:


    

  • C#
    • 

  • JavaScript/TypeScript (requires node to be installed)
    • 

  • JSON
    • 

  • Python
    • 

  • YAML
    •
License: Apache-2.0
URL: https://github.com/doyensec/regexploit

Categories

Unspecified

Releases

Package Version Update ID Released Package Hub Version Platforms Subpackages
1.0.0-bp160.1.10 info GA Release 2024-02-01 16.0
  • AArch64
  • ppc64le
  • s390x
  • x86-64
  • regexploit