hhucn / webvulnscan

automated web application vulnerability scanner
MIT License
38 stars 27 forks source link

Billion Laughs (and small check whether UTF-7 is used on a website) #80

Open osarier opened 10 years ago

osarier commented 10 years ago

This is a test for checking whether an application is vulnerable for Billion Laughs / Quadratic Blowup. Right now this does NOT work with Python 3. I also added the option --net which is only used for the Billion Laughs and Quadratic Blowup tests.

If you have any questions please feel free to ask me.