How Regular Expressions and ReDoS attacks work

In this talk, Danielle Westerman explains the theory of regular languages and how they are defined by regular expressions. Danielle shows how finite state machines can be used to model how a regular expression searches for characters that match its pattern, and how the JavaScript RegExp object works. Finally, Danielle talks about how regexes can be overwhelmed through a ReDoS attack, also called catastrophic backtracking, and hang your site indefinitely.

Project Members: Danielle Westerman
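
To make the catastrophic backtracking mentioned in the abstract concrete, the following is an added example, not material from the talk. It assumes a constructed pattern `^(a+)+$`, models a backtracking matcher for it in a few lines so the work can be counted deterministically, and compares it with the equivalent un-nested rewrite `^a+$`; all function names are hypothetical.

```javascript
// Simplified model (an assumption, not V8's implementation) of a backtracking
// engine running ^(a+)+$ : counts every length choice tried for the inner a+.
function nestedSteps(input) {
  let steps = 0;
  function group(i) {
    let max = i;
    while (input[max] === 'a') max++;        // a+ is greedy: take the longest run
    for (let end = max; end > i; end--) {    // then give characters back one by one
      steps++;
      if (end === input.length) return true; // $ matches, overall success
      if (group(end)) return true;           // outer + : try one more repetition
    }
    return false;                            // every split failed, backtrack further
  }
  const matched = group(0);
  return { matched, steps };
}

// The same language without the nested quantifier, ^a+$ : a single pass.
function flatSteps(input) {
  let i = 0;
  while (input[i] === 'a') i++;
  return { matched: i > 0 && i === input.length, steps: i + 1 };
}

// Constructed patterns: the nested form and its rewrite accept the same strings.
const NESTED = /^(a+)+$/;
const FLAT = /^a+$/;

// Check on short samples that the rewrite does not change what is accepted.
function agree(samples) {
  return samples.every((s) => NESTED.test(s) === FLAT.test(s));
}

// Work done on a run of n 'a' characters followed by one non-matching character.
function growthTable(sizes) {
  return sizes.map((n) => {
    const input = 'a'.repeat(n) + '!';       // constructed input that cannot match
    return { n, nested: nestedSteps(input).steps, flat: flatSteps(input).steps };
  });
}

console.table(growthTable([4, 8, 12, 16]));
console.log('rewrite accepts the same samples:', agree(['', 'a', 'aaa', 'aab', 'a!']));
```

In this model the nested pattern costs 2^n - 1 steps on a failing input of n matching characters, while the rewrite costs n + 1, which is why removing nested quantifiers is the usual fix.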