sola-da / ReDoS-vulnerabilities
A list of ReDoS vulnerabilities in npm modules found by the Software Lab at TU Darmstadt. For each vulnerability, there is a proof-of-concept exploit, showing how the slowdown may occur. The resources in this repository are provided for research purpose only. Please read below for more details.
☆59Updated 7 years ago
Alternatives and similar repositories for ReDoS-vulnerabilities
Users that are interested in ReDoS-vulnerabilities are comparing it to the libraries listed below
Sorting:
- Automatically Preventing Code Injection Attacks on Node.js☆78Updated 3 years ago
- A fuzzing library in JavaScript. ✨☆118Updated 7 months ago
- Fuzz testing: Beginner's guide☆76Updated last year
- A tool for detecting regular expression denial-of-service vulnerabilities in Android apps.☆34Updated 8 years ago
- ☆19Updated 6 years ago
- Demos of and walkthroughs on in-browser fuzzing using WebAssembly☆124Updated 5 years ago
- OWASP WAP - Web Application Protection Project☆11Updated 5 years ago
- HTML5 WebSocket message fuzzer☆146Updated 6 years ago
- Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]☆42Updated 10 months ago
- ☆122Updated 3 years ago
- An extended Node.js runtime with additional security mechanisms built-in. Protects your Node.js applications from injection attacks such …☆31Updated 4 years ago
- This test suite contains over 40 different test cases that have proven to work with different mobile browsers in my research or testing S…☆30Updated 5 years ago
- A front-end JavaScript toolkit for creating DNS rebinding attacks.☆45Updated 6 years ago
- A static analysis API for finding deserialization attack gadgets☆38Updated 2 years ago
- Symbolic execution inspired PHP application scanner for code-path discovery☆32Updated 6 years ago
- An extensible, heuristic-based vulnerability scanning tool for installed npm packages☆50Updated 3 years ago
- Webkit uxss exploit (CVE-2017-7089)☆64Updated 7 years ago
- Result files from various fuzzing runs☆16Updated 3 years ago
- ☆29Updated 5 years ago
- Automate repetitive tasks for fuzzing☆125Updated 3 years ago
- A regular expression fuzzer.☆43Updated 7 years ago
- Fuzzing results for various interpreters.☆80Updated 7 years ago
- Array.prototype.slice wrong alias information.☆68Updated 6 years ago
- Another web fuzzer written in NodeJS☆58Updated 6 years ago
- ☆91Updated 6 years ago
- Fuzzing Browsers☆311Updated 2 years ago
- An AFL-inspired genetic fuzz tester for JavaScript☆131Updated 3 months ago
- WinDbg script to spoof origin and url of a renderer process in Chrome☆25Updated 4 years ago
- ☆23Updated 6 years ago
- ☆20Updated 9 years ago