Show HN: Redos-analyzer – static ReDoS detection and auto-fix for Python
Category: security
Tags: static-analysis, regex-security, vulnerability-detection
Score: 7.5/10 (Innovation: 7, Technical: 8, Documentation: 8, Utility: 7)
redos-analyzer is a static analysis tool that detects and automatically fixes Regular Expression Denial of Service (ReDoS) vulnerabilities in Python code by analyzing CPython's internal sre_parse AST. It's interesting because it not only identifies dangerous patterns but also generates semantically verified fixes using atomic groups, and it validates findings against real-world PyPI packages.
Target audience: backend devs, security engineers, devops
Repository: https://github.com/HarshithReddy01/redos-analyzer · Python