regexploit: init at 1.0.0

1 files changed, 35 insertions, 0 deletions

diff --git a/pkgs/tools/security/regexploit/default.nix b/pkgs/tools/security/regexploit/default.nix
new file mode 100644
index 00000000000..be09c34254b
--- /dev/null
+++ b/pkgs/tools/security/regexploit/default.nix
@@ -0,0 +1,35 @@
+{ lib
+, fetchFromGitHub
+, python3
+}:
+
+python3.pkgs.buildPythonApplication rec {
+  pname = "regexploit";
+  version = "1.0.0";
+
+  disabled = python3.pythonOlder "3.8";
+
+  src = fetchFromGitHub {
+    owner = "doyensec";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "0z3fghsyw0ll36in7ihc0qi3gy7mqi6cw1mi8m8c8xb1nlwpfr0y";
+  };
+
+  propagatedBuildInputs = with python3.pkgs; [
+    pyyaml
+  ];
+
+  checkInputs = with python3.pkgs; [
+    pytestCheckHook
+  ];
+
+  pythonImportsCheck = [ "regexploit" ];
+
+  meta = with lib; {
+    description = "Tool to find regular expressions which are vulnerable to ReDoS";
+    homepage = "https://github.com/doyensec/regexploit";
+    license = with licenses; [ asl20 ];
+    maintainers = with maintainers; [ fab ];
+  };
+}