Regular Expression Security Cheatsheet

= Regular Expression Security Cheatsheet =

Introduction
This cheatsheet can be effectively used by security specialists and programmers to reveal unwanted constructions in regular expressions. This can cause bypass of intended validation rules.

Cheatsheet
Here is a link to the GitHub RegEx repository:

SAST
In order to save time for security practitioners, Static Application Security Testing tool was written. You can use the following code to analyze all regular expressions from your project:

SAST can be downloaded from here:

https://github.com/attackercan/regexp-security-cheatsheet/tree/master/RegexpSecurityParser
=Authors and Primary Editors=

Vladimir Ivanov @httpsonly