推荐检测工具:https://github.com/doyensec/regexploit
使用Python pip 安装,因为我本地是 mac 默认是3.8的python,所以可以直接安装,其他系统可以参考 https://github.com/doyensec/regexploit 文档
pip install regexploit
# 输入 regexploit,然后每行输入 要检测的 正则表达式
(base) zhangburui@ZPR-MacBook-Pro ~ % regexploit
Welcome to Regexploit. Enter your regexes:
(\b(update|and|or|insert|trancate|char|into|substr|declare|exec|drop|execute)\b)
No ReDoS found.
No ReDoS found.
<script></script>
No ReDoS found.
<div></div>
No ReDoS found.
<input />
No ReDoS found.
<a></a>
No ReDoS found.
<form></form>
No ReDoS found.
<script[^>]*>([^<]*)</script>
No ReDoS found.
<div[^>/]*>(.*?)</div>
No ReDoS found.
<form[^>]*>([^<]*)</form>
No ReDoS found.
<a[^>]*>([^<]*)</a>
No ReDoS found.
<input[^>/]*/>
No ReDoS found.
评论区