Regexp Security Cheatsheet
A comprehensive repository documenting security vulnerabilities in regular expressions used by Web Application Firewalls, including bypass examples and SAST tools for vulnerability identification.
Regexp Security Cheatsheet
A comprehensive repository documenting security vulnerabilities in regular expressions used by Web Application Firewalls, including bypass examples and SAST tools for vulnerability identification.
Regexp Security Cheatsheet Description
A repository that catalogs security vulnerabilities found in regular expressions commonly implemented in Web Application Firewalls (WAFs). The resource provides detailed documentation of bypass techniques and examples that demonstrate how attackers can circumvent regex-based security controls. The cheatsheet focuses on high-severity issues and includes practical examples of regex patterns that can be exploited. It serves as a reference for security professionals to understand common weaknesses in regex implementations used for input validation and filtering. The repository includes SAST (Static Application Security Testing) tools designed to identify vulnerabilities in custom regular expressions. These tools help developers and security teams analyze their regex patterns for potential security flaws before deployment. Originally presented at BlackHat USA 2016, the resource has been maintained and updated to reflect current bypass techniques and vulnerability patterns. It provides both offensive and defensive perspectives on regex security, making it valuable for penetration testers, security researchers, and developers working on WAF implementations.
Regexp Security Cheatsheet FAQ
Common questions about Regexp Security Cheatsheet including features, pricing, alternatives, and user reviews.
Regexp Security Cheatsheet is A comprehensive repository documenting security vulnerabilities in regular expressions used by Web Application Firewalls, including bypass examples and SAST tools for vulnerability identification.. It is a Resources solution designed to help security teams with Vulnerability Analysis, Security Research, Static Analysis.
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Stay Updated with Mandos Brief
Get the latest cybersecurity updates in your inbox
TRENDING CATEGORIES
POPULAR
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
Security platform that provides protection, monitoring and governance for enterprise generative AI applications and LLMs against various threats including prompt injection and data poisoning.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
Weekly cybersecurity newsletter for security leaders and professionals