Tool to test regular expressions for DoS vulnerabilities

Regular expression patterns containing certain clauses that execute in exponential time (for example, grouping clauses containing repetition that are themselves repeated) can be exploited by attackers to cause a denial-of-service (DoS) condition.

Microsoft SDL Regex Fuzzer is a tool to help test regular expressions for these potential vulnerabilities, get it here.

Supported operating systems:

  • Windows 7
  • Windows Server 2003
  • Windows Server 2008
  • Windows Server 2008 R2
  • Windows Vista
  • Windows XP.



Share this