paste a regular expression · detect catastrophic backtracking redos risk · ambiguous repetition · complexity estimate · attack string · nfa diagram · runs locally
pattern
verdict
attack PoC · (no exponential PoC required)
safe alternatives
- Remove nested + : use (?:a+) instead of (a+)+
nfa diagram
[start] S0 --1-∞--> S1 S1 --1-∞--> S2 S2 --'a'--> S3 S3 --'b'--> S4 [accept]