https://github.com/doyensec/regexploit
RegExploit is a tool designed to analyze regular expressions for potential vulnerabilities related to ReDoS (Regular Expression Denial of Service). These vulnerabilities can be exploited by attackers to overwhelm systems, leading to excessive computation during regular expression processing. The tool is valuable for preventing such attacks and ensuring the security of regular expressions in software projects.
RegExploit is designed for Unix/Linux/POSIX systems and supports Python version 3. It is integrated into the code analysis process and used as a command-line tool to scan regular expressions for vulnerabilities.
As with any analysis tool, it's important to ensure that the source code and regular expressions being analyzed by RegExploit are correctly encoded. If the source code contains encoding errors, it can cause problems during analysis. To ensure stable operation, it is recommended to use UTF-8 for both the code and the system.
Technically, RegExploit uses lexical analysis to scan for tokens and patterns within regular expressions that can lead to exponential or excessive computation. The tool identifies constructs like infinite repetitions of characters or sequences that may cause the system to hang.
However, the tool does not analyze data flow or data types, which may lead to some false positives. Nevertheless, RegExploit is capable of identifying vulnerabilities in regular expressions even if the code they are used in cannot be compiled.
Flawfinder is released under the GNU GPL license version 2 or later (GPL-2.0+). See the COPYING file for license information.