Language/Japanese
This tool is an extension of PortSwigger product, Burp Suite. Supports Burp suite Professional/Community.
This extension is a tool for ReDoS determination and detection.
It uses "https://makenowjust-labs.github.io/recheck/" as the library for ReDoS detection.
The main repository (main) may contain code under development. Please download the stable release version from the following.
Please use the following versions
- Burp suite v2023.1.2 or above
The Burp Suite Extender can be loaded by following the steps below.
- Click [add] on the [Extender] tab
- Click [Select file ...] and select ReDoSDetector.jar
- Click [Next], confirm that no error is occurring, and close the dialog with [Close].
ReDoSDetector tab will be added to Burp Suite.
Manual ReDoS check can be performed.
Specifies ReDoS scan options.
For more information on scanning options, see below.
There is a GUI mode that runs standalone without Burp Suite.
java -jar ReDoSDetector.jar
gradlew release
.Java
- JRE (JDK) 17 (Open JDK is recommended) (https://openjdk.java.net/)
.Burp suite
- v2023.1.2 or higher (http://www.portswigger.net/burp/)
- NetBean 21 (https://netbeans.apache.org/)
- Gradle 7.6 (https://gradle.org/)
Building requires a BurpExtensionCommons library.
- BurpExtensionCommons v3.1.x
-
google gson (https://github.com/google/gson)
- Apache License 2.0
- https://github.com/google/gson/blob/master/LICENSE
-
Universal Chardet for java (https://code.google.com/archive/p/juniversalchardet/)
-
recheck core (https://mvnrepository.com/artifact/codes.quine.labs/recheck-core)
- MIT license
- https://makenowjust-labs.github.io/recheck/
Operation is confirmed with the following versions.
- Burp suite v2024.2.1
This tool developed by my own personal use, PortSwigger company is not related at all. Please do not ask PortSwigger about problems, etc. caused by using this tool.