Ben Caller

Yeah DoS in a DoS-finding tool isn't ideal. A timeout might help. Do you know if it was a particularly weird regex (or string which was misidentified a regex) or...

Yeah this is quite important.

As intended. There is no payload which will cause backtracking with this regex unless you are using it with a function like python's `re.fullmatch`. A slight trade-off to avoid false...

So this is a weird one. The quadratic behaviour doesn't appear if you use `re.compile(r"\s+$").match` (or equivalent). It appears when used with `re.search` or `re.sub` as they scan the input....

Thanks for the question by the way

Atomic groups currently aren't supported. I should probably make that explicit in the documentation. Atomic groups are not available in python's regular expression engine but regexploit could add some support...