DEF CON 23 [Audio] Speeches from the Hacker Convention
Eric (XlogicX) Davisson - REvisiting RE:DoS
09 Oct 2015
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Eric-XlogicX-Davisson-ReDoS.pdf REvisiting RE:DoS Eric (XlogicX) Davisson Not a security researcher Regular Expression Denial of Service has existed for well over a decade, but has not received the love it deserves lately. There are some proof of concept attacks out there currently, most of which are ineffective due to implementation optimizations. Regardless of the effectiveness most of these PoC's are geared only to NFA engines. This talk will demonstrate working PoC's that bypass optimizations. Both NFA and DFA engines will get love. Tools will be released (with demonstration) that benchmark NFA/DFA engines and automate creation of 'evil strings' given an arbitrary regular expression. Attendees can expect a review of regex and a deep under the hood explanation of both regex engines before abuses ensue. ^ Not a security researcher
No persons identified in this episode.
This episode hasn't been transcribed yet
Help us prioritize this episode for transcription by upvoting it.
Popular episodes get transcribed faster
Other recent transcribed episodes
Transcribed and ready to explore now
3ª PARTE | 17 DIC 2025 | EL PARTIDAZO DE COPE
01 Jan 1970
El Partidazo de COPE
13:00H | 21 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
12:00H | 21 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
10:00H | 21 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
13:00H | 20 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
12:00H | 20 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana