What is the best regex for validating an email address?

For most cases use a simple safe pattern: /^[^@\s]+@[^@\s]+\.[^@\s]+$/ — it covers 99% of real-world emails and prevents header injection. For strict RFC 5322 compliance, see the "Strict Email Validation RFC 5322" pattern at https://regexlib.dev/regex/email-strict.

How do I write a strong password regex with at least 12 characters and a special character?

Use positive lookaheads: ^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[!@#$%^&*]).{12,}$ — enforces lowercase, uppercase, digit, special character, and a 12-char minimum. See https://regexlib.dev/regex/password-very-strong.

What is the regex for ISO 8601 datetime with timezone?

^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(?:\.\d{1,9})?(?:Z|[+-]\d{2}:\d{2})$ — accepts UTC (Z) or ±HH:MM offsets, with optional fractional seconds. Full reference at https://regexlib.dev/regex/iso-date-with-timezone.

How do I match a UUID v4 with regex?

^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$ — the "4" before the third hyphen and the [89ab] before the fourth ensure version 4 and a valid variant. See https://regexlib.dev/regex/uuid-v4.

How can I detect leaked Stripe, AWS, or OpenAI API keys in code?

Use prefix-anchored patterns: Stripe sk_(live|test)_[A-Za-z0-9]{24,}, AWS AKIA[0-9A-Z]{16}, OpenAI sk-[A-Za-z0-9]{20,}T3BlbkFJ[A-Za-z0-9]{20,}, Google AIza[0-9A-Za-z_-]{35}. Combine in a single pre-commit hook to catch leaks.

Does regex validate that a date is real (e.g., not February 31)?

No. Regex checks the format only. Pair the regex with new Date(value) in JavaScript or datetime.fromisoformat() in Python to verify the calendar correctness.

What is the simplest regex for an IPv4 address with octet validation?

^(?:(?:25[0-5]|2[0-4]\d|[01]?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|[01]?\d?\d)$ — enforces each octet between 0 and 255. See https://regexlib.dev/regex/ipv4.

How do I extract all URLs from a text with regex?

Use the global flag with: /https?:\/\/[^\s<>"']+/g — call text.match(re) to get every match. See https://regexlib.dev/regex/url-extract.

Why does my regex work in JavaScript but not in Python or Java?

Different engines have different syntax. JavaScript uses ECMAScript regex, Python uses re (PCRE-like, no recursion), Java uses java.util.regex (no \K), and Go uses RE2 (no lookarounds). Use the per-language code snippets on each pattern page — they escape the pattern correctly for each language.

Is RegexLib free? Do I need to sign up?

Yes, regexlib.dev is 100% free, no signup, no ads, and no rate limits. You can copy any pattern, test it live, and use the snippets in your project without attribution.

What is the regex for sha3-256 / keccak-256 hash?

The regex pattern for sha3-256 / keccak-256 hash is: ^[A-Fa-f0-9]{64}$ — Matches a 64-character hex digest (SHA-256, SHA3-256, or Keccak-256 — same length). It matches inputs like a3f5d6e9b8c7a2f1e0d4b3a2f1e0d9c8b7a6f5e4d3c2b1a0f9e8d7c6b5a4f3e2 and rejects inputs like a3f5, g3f5d6e9b8c7a2f1e0d4b3a2f1e0d9c8b7a6f5e4d3c2b1a0f9e8d7c6b5a4f3e2.

How do I use the SHA3-256 / Keccak-256 Hash regex in Python?

Import re and use re.fullmatch(r"^[A-Fa-f0-9]{64}$", value) for whole-string validation, or re.findall(r"^[A-Fa-f0-9]{64}$", text) to extract matches. Compile with re.compile() for repeated use.

Is the sha3-256 / keccak-256 hash regex production-ready?

Yes — every pattern is tested against valid and invalid examples. For critical inputs, pair it with server-side validation: Luhn algorithm for credit cards, mod-97 for IBAN, real DNS / MX lookup for emails, libphonenumber for phone numbers.

Why does the sha3-256 / keccak-256 hash regex fail in Python, Java, or Go?

Different regex engines (ECMAScript, PCRE, java.util.regex, Python re, Go RE2) support slightly different syntax — RE2 has no lookarounds or backreferences. Use the per-language code snippets above; they escape the pattern correctly for each language.

Can I edit and test the sha3-256 / keccak-256 hash regex live?

Yes — use the live tester on this page. Type your test string and toggle flags (g, i, m, s, u, y) to see matches and capture groups highlighted instantly. The URL is shareable.

Security

SHA3-256 / Keccak-256 Hash Regex Pattern

Matches a 64-character hex digest (SHA-256, SHA3-256, or Keccak-256 — same length).

Pattern

^[A-Fa-f0-9]{64}$

Tested examples

a3f5d6e9b8c7a2f1e0d4b3a2f1e0d9c8b7a6f5e4d3c2b1a0f9e8d7c6b5a4f3e2

a3f5

g3f5d6e9b8c7a2f1e0d4b3a2f1e0d9c8b7a6f5e4d3c2b1a0f9e8d7c6b5a4f3e2

Test it live

Live Regex TesterJS

1 match

Pattern

Test string

Result

a3f5d6e9b8c7a2f1e0d4b3a2f1e0d9c8b7a6f5e4d3c2b1a0f9e8d7c6b5a4f3e2

Match 1at index 0

a3f5d6e9b8c7a2f1e0d4b3a2f1e0d9c8b7a6f5e4d3c2b1a0f9e8d7c6b5a4f3e2

Use it in your language

Use it in

// JavaScript / Node.js
const regex = /^[A-Fa-f0-9]{64}$/;
const value = "a3f5d6e9b8c7a2f1e0d4b3a2f1e0d9c8b7a6f5e4d3c2b1a0f9e8d7c6b5a4f3e2";
const isMatch = regex.test(value);
console.log(isMatch); // true / false

// Extract all matches
const matches = value.match(/^[A-Fa-f0-9]{64}$/g) || [];

Frequently asked questions

How do I use the SHA3-256 / Keccak-256 Hash regex pattern in JavaScript?

Wrap the pattern in slashes: const re = /^[A-Fa-f0-9]{64}$/; — then call re.test(value) to check a single value, or value.match(re) to find matches. The "Use it in" snippets above give you the exact code for 9 languages.

Is this sha3-256 / keccak-256 hash regex production-ready?

Yes — every pattern in the library is tested against valid and invalid examples. Still, regex is one layer in a defense-in-depth strategy: pair it with server-side validation (e.g. Luhn for credit cards, mod-97 for IBAN, real DNS lookup for emails) for critical inputs.

Why does my pattern fail in another language?

Different regex engines (PCRE, Java, Python, Go's RE2) support slightly different syntax. The most common gotchas: lookbehinds (not in RE2), named groups syntax, and how backslashes need to be escaped inside string literals. The code snippets above already escape correctly for each language.

Can I edit this pattern and test it live?

Yes — use the live tester above. Type your test string and toggle flags (g, i, m, s, u, y) to see matches highlighted instantly, including capture groups.

Related patterns

See all Security →

Security

All patterns Open regex tester Regex cheatsheet

SHA3-256 / Keccak-256 Hash Regex Pattern

Tested examples

Test it live

Use it in your language

Tags

Frequently asked questions

Related patterns

SQL Injection Detection

Strong Password

JWT Token

Ultra-Secure Password

Basic XSS Detection

TOTP / OTP Code