█
LastWrite
  • > Curriculum
  • > Pricing
  • > For Educators
  • > About
  • > Contact
Log InGet Started

Questions, concerns, bug reports, or suggestions? We read every message, write to us at [email protected].

More ways to reach us →
LastWrite

Structured computer science lessons for aspiring developers and security professionals.

[email protected]

(201) 785-7951

Mon–Fri, 9 AM–5 PM EST

Learn

  • Curriculum
  • Pricing

Company

  • About
  • For Educators & Schools
  • Contact Us

Legal

  • Terms of Service
  • Privacy Policy
© 2026 LastWrite. All rights reserved.
Curriculum/Programming Languages/Python (Professional)/Regular Expressions
45 minIntermediate

Regular Expressions

After this lesson, you will be able to: Read and write regular expressions fluently: character classes, quantifiers, anchors, groups, and lookarounds, and apply them to validation, parsing, and log analysis while avoiding catastrophic backtracking.

Regular expressions are a tiny language for matching text patterns, used everywhere: form validation in web apps, log analysis and SIEM queries in security, and data parsing in every language. This lesson takes you from zero to professional regex: the syntax, real uses, the tooling, and the performance pitfall that takes down production systems.

Prerequisites:Python Standard Library Deep Dive

What a regex is and the core syntax

A regular expression describes a text pattern. Character classes match sets: \d (digit), \w (word character), \s (whitespace), [a-z] (a range), . (any character). Quantifiers set repetition: * (zero or more), + (one or more), ? (zero or one), {2,4} (between two and four). Anchors pin position: ^ (start), $ (end), \b (word boundary). Groups ( ) capture parts for extraction; | is alternation (or). With these you can match most real-world patterns.

Validation, extraction, and groups

Python's re module; the same patterns work in JavaScript and most languages.

python
import re
# Validate a simple email shape (real validation is more nuanced)
EMAIL = re.compile(r"^[\w.+-]+@[\w-]+\.[\w.-]+$")
print(bool(EMAIL.match("[email protected]"))) # True
# Extract with capture groups
m = re.search(r"(\d{4})-(\d{2})-(\d{2})", "date: 2026-06-04")
print(m.group(1), m.group(2), m.group(3)) # 2026 06 04
# Find all matches
print(re.findall(r"\b\d+\b", "3 cats, 12 dogs")) # ['3', '12']

Lookarounds and named groups

Lookaheads and lookbehinds match based on context without consuming it: (?=...) positive lookahead, (?!...) negative lookahead, (?<=...) lookbehind. They let you say 'a number followed by USD' or 'a word not preceded by no '. Named groups (?P<year>\d{4}) make captures self-documenting (m.group('year')). These are the tools that separate someone who can read any regex from someone who only writes simple ones.

Where regex earns its keep

Web development: validating and parsing form input (emails, phone numbers, slugs), though for emails a library or simple shape check beats an over-clever pattern. Security: log analysis and SIEM queries live on regex (extracting IPs, finding suspicious patterns, matching IOCs); the Incident Response and Threat Intelligence subtracks use it constantly. Data work: cleaning and extracting fields from messy text. It is one of the highest-leverage cross-language skills you can learn once and use everywhere.

💡 Catastrophic backtracking (the production-killer)

A poorly written regex with nested quantifiers (like (a+)+ ) can take exponential time on certain inputs, freezing a thread and taking down a service. This is ReDoS (regular-expression denial of service), a real vulnerability class. Avoid nested quantifiers on overlapping patterns, prefer specific character classes over greedy . *, test patterns against pathological inputs, and on untrusted input consider a regex engine with linear-time guarantees (like Rust's regex or RE2). A regex is code, and a bad one is an outage.

Quick Check

Why can a regex like (a+)+$ be dangerous on attacker-controlled input?

Pick one.

Common mistakes only experienced devs catch

Writing an over-complex email regex instead of a simple shape check plus a verification email. Nested quantifiers that cause ReDoS. Forgetting to escape special characters (. matches any character unless escaped). Not anchoring with ^ and $ when you mean to match the whole string. Using greedy . * where a specific class is clearer and safer. Not testing with a tool like regex101 before shipping. Reaching for regex to parse HTML or deeply nested structures (use a real parser).

Sign in and purchase access to unlock this lesson.

Sign in to purchase
←Packaging and Distribution
Back to Python (Professional)
Python for Backend: FastAPI→