Sign in

    SDL Regex Fuzzer

    SDL Regex Fuzzer is a tool to help test regular expressions for potential denial of service vulnerabilities.
    • Version:


      File Name:


      Date Published:


      File Size:

      2.4 MB

        Regular expression patterns containing certain clauses that execute in exponential time (for example, grouping clauses containing repetition that are themselves repeated) can be exploited by attackers to cause a denial-of-service (DoS) condition. SDL Regex Fuzzer is a tool to help test regular expressions for these potential vulnerabilities during the Verification phase of the Microsoft Security Development Lifecycle (SDL) process.
    • Supported Operating System

      Windows 7, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Vista, Windows XP

        .NET Framework 3.5
      • 1. Download and install the RegexFuzzerSetup*.msi on your machine.
        2. Launch SDL Regex Fuzzer from the Start menu.
        3. Enter the regular expression pattern to be tested into the pattern input field.
        4. Select the attack character set and number of iterations to test.
        5. Press the Start button to start fuzzing.
        6. (Optional) If SDL Regex Fuzzer detects a vulnerability, you can file a bug into a Team Foundation Server 2008 or 2010 Team Project by pressing the "File A Bug" button.

    Popular downloads

    Loading your results, please wait...

    Free PC updates

    • Security patches
    • Software updates
    • Service packs
    • Hardware drivers

    Microsoft Suggests

    Windows 10. The best Windows ever.
    Windows 10
    The best Windows ever.
    Upgrade for free*