Skip to main content

SDL Regex Fuzzer Overview


About This Video
SDL Regex Fuzzer is a tool to be used during the Verification phase of Microsoft Security Development Lifecycle (SDL). It can help test regular expressions for these potential vulnerabilities. Regular expression patterns containing certain clauses that execute in exponential time (for example, grouping clauses containing repetition that are themselves repeated) can be exploited by attackers to cause a denial-of-service (DoS) condition.


Published Date: 2/24/2011
Presented By: Bryan Sullivan and Georgeo Pulikkathara


Video: WMV | MP4 | WMV (ZIP)