I recently created this repo that combines the various regular expression denial of service detectors: https://ift.tt/2qjwvfN

I also created some npm modules for CI friendliness:
- https://ift.tt/2GIVHas
- https://ift.tt/2qk9nO9

(These send your regexes to my server, but the code to host your own server is in the repo.)

Using these tools I found DOS vulnerabilities in Python core, Node.js core, Django, MongoDB, Hapi, and hundreds of npm modules.
Submitted April 09, 2018 at 05:36PM by davisjam