sola-da / ReDoS-vulnerabilities
A list of ReDoS vulnerabilities in npm modules found by the Software Lab at TU Darmstadt. For each vulnerability, there is a proof-of-concept exploit, showing how the slowdown may occur. The resources in this repository are provided for research purpose only. Please read below for more details.
☆58Updated 7 years ago
Alternatives and similar repositories for ReDoS-vulnerabilities:
Users that are interested in ReDoS-vulnerabilities are comparing it to the libraries listed below
- A tool for detecting regular expression denial-of-service vulnerabilities in Android apps.☆33Updated 8 years ago
- Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]☆43Updated 6 months ago
- HTML5 WebSocket message fuzzer☆144Updated 6 years ago
- Automatically Preventing Code Injection Attacks on Node.js☆78Updated 2 years ago
- An extensible, heuristic-based vulnerability scanning tool for installed npm packages☆50Updated 3 years ago
- Fuzz testing: Beginner's guide☆76Updated 8 months ago
- A fuzzing library in JavaScript. ✨☆117Updated 3 months ago
- RegEx Denial of Service (ReDos) Scanner☆162Updated 7 years ago
- An extended Node.js runtime with additional security mechanisms built-in. Protects your Node.js applications from injection attacks such …☆31Updated 3 years ago
- Scripts and auxiliary files for fuzzing PHP's unserialize function☆43Updated 7 years ago
- ☆23Updated 5 years ago
- Another web fuzzer written in NodeJS☆58Updated 6 years ago
- Fuzz testing framework for network protocols.☆17Updated 4 years ago
- This test suite contains over 40 different test cases that have proven to work with different mobile browsers in my research or testing S…☆30Updated 5 years ago
- Repository to showcase various configuration recipes with various technologies☆35Updated 2 years ago
- Symbolic execution inspired PHP application scanner for code-path discovery☆30Updated 5 years ago
- A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities☆15Updated 7 years ago
- A repository for GraphQL Extension for Burp Suite☆58Updated 6 years ago
- Yet Another Vulnerability Database☆15Updated 3 years ago
- BSidesSF CTF 2019 release☆72Updated last year
- JWT fuzzer☆104Updated 6 years ago
- OWASP WAP - Web Application Protection Project☆11Updated 5 years ago
- Dockerfile for AFL++ and helpful other tools☆21Updated 4 years ago
- A simple test of fuzzing Java with AFL and GCJ☆16Updated 6 years ago
- An investigative study on the security and privacy aspects of Progressive Web Apps☆18Updated 6 years ago
- X41 Browser Security White Paper - Tools and PoCs☆184Updated 7 years ago
- Exploitation challenges for CTF☆62Updated 6 years ago
- Collection of vulnerable and fixed PHP synthetic test cases☆60Updated last year
- JavaScript Static Code Analysis☆24Updated 10 years ago
- Github Desktop RCE PoC☆28Updated 6 years ago