- Interactive cross-site scripting (XSS) cheat sheet for 2021, brought to you by PortSwigger. Actively maintained, and regularly updated with new vectors.
- Regular expressions: Developing regular expressions can be complicated, and is well beyond the scope of this cheat sheet. There are lots of resources on the internet about how to write regular expressions, including this site and the OWASP Validation Regex Repository.
We use regular expressions to extract information or a pattern from a string. In a regular expression, we use ASCII characters to perform the string-matching operation. Many form validation operations use regular expressions: when a user enters some information, the form validates that data against a regular expression. Apart from validation, regular expressions have many other applications, such as parsing, replacing strings, translating data to different formats and extracting information from the web.
For examples of parameterized queries in other languages, including Ruby, PHP, Cold Fusion, and Perl, see the Query Parameterization Cheat Sheet or this site. Developers tend to like the Prepared Statement approach because all the SQL code stays within the application.
Many high-level programming languages also support regular expressions, and the syntax is similar in each programming language.
What is Regex?
Regex stands for regular expression, a technique for searching for patterns in a string. Many text editors, such as Sublime, Notepad++, Brackets and Microsoft Word, use it for search-and-replace operations.
Regular Expression Cheat Sheet
Anchor:
Expression | Description | Example | Output Match |
^ | Matches at the starting point of a string. | ^Tech | Any string starting with “Tech”. Output: TechGeekbuzz |
$ | Matches at the end of a string. | buzz$ | Any string ending with “buzz”. Output: TechGeekbuzz |
Characters:
Expression | Description | Example | Output Match |
\d | A digit from 0 to 9 | “TechGeekbuzz \d\d\d\d” | TechGeekbuzz 2020 |
\w | Any ASCII letter, digit or underscore | “Tech\wGeekbu\w\w” | Tech_Geekbuzz |
\s | Whitespace | “Tech\sGeekbuzz” | Tech Geekbuzz |
\D | A character that is not a digit | “Tech\Deekbuzz” | TechGeekbuzz |
\W | A character that is not a word character | “\WTechGeekbuzz” | +TechGeekbuzz |
. | Any character except a line break | T.B | TGB; TAB; TBB; .. |
\ | Escape next special character | TGB | TGB |
Quantifiers:
Expression | Description | Example | Output Match |
* | Zero or more times | TGB* | Matches a string which has TG followed by zero or more B. Output: TG; TGB; TGBBB; |
+ | One or more times | TGB+ | Matches a string which has TG followed by one or more B. Output: TGB; TGBB; |
{d} | Exactly d times | TGB{5} | Matches a string TG followed by exactly 5 B’s. Output: TGBBBBB |
{d,d} | In between | TGB{3,5} | Matches a string TG followed by 3 up to 5 B’s. Output: TGBBB; TGBBBB; TGBBBBB; |
? | Once or none | TGBs? | Output: TGBs; TGB; |
Logic:
Expression | Description | Example | Output Match |
| | Or operator | 1|2 | Either 1 or 2 |
() | Group | T(echGeekBuzz|GB) | TechGeekBuzz; TGB; |
\1 | The content of group 1 | G(\w)\1gle | Google; Gaagle; Gbbgle; …. |
\2 | The content of group 2 | “(\d\d) (\w\w) = \2 \1” | 12 aa = aa 12; 11 bb = bb 11; ….; |
Brackets:
Expression | Description | Example | Output Match |
[ ] | Any character from the bracket | “P[ae]n” | Pan; Pen; |
- | Set a range | [a-z] | a; b; c; …; |
[^] | Any character except those in the brackets. | [^a-z] | A; B; C; …; 1; 2; … |
[\d\D] | Any character, whether it is a digit or a non-digit |
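
The form-validation use described earlier only holds when the pattern is applied to the whole input, which is where the anchors, `\d`, quantifiers and brackets from the tables above come together. The following Python sketch is an added example, not code from the original page; the field patterns, the `validate` helper and the sample inputs are constructed for illustration.

```python
import re

# Hypothetical form fields: a 4-digit PIN and a username.
# Patterns use only constructs from the tables: ^ $ \d {d} {d,d} [ ].
UNANCHORED_PIN = re.compile(r"\d{4}")      # weak: can match anywhere in the input
DOLLAR_PIN = re.compile(r"^\d{4}$")        # in Python, $ also matches before a final "\n"
STRICT_PIN = re.compile(r"\d{4}", re.ASCII)  # re.ASCII limits \d to 0-9
STRICT_USER = re.compile(r"[a-z][a-z0-9_]{2,15}")


def validate(pattern, value, whole=True):
    """Return True if value is accepted.

    whole=True uses fullmatch(), so the entire string must match;
    whole=False uses search(), which is how unanchored checks go wrong.
    """
    if not isinstance(value, str):
        return False
    match = pattern.fullmatch(value) if whole else pattern.search(value)
    return match is not None


# Constructed sample inputs; the last one is "2020" in Arabic-Indic digits,
# which \d accepts in Python unless re.ASCII is set.
SAMPLES = ["2020", "2020\n", "abc2020xyz", "\u0662\u0660\u0662\u0660"]


def report():
    """Return (input, unanchored, ^...$ with search, strict fullmatch) per sample."""
    return [
        (
            s,
            validate(UNANCHORED_PIN, s, whole=False),
            validate(DOLLAR_PIN, s, whole=False),
            validate(STRICT_PIN, s),
        )
        for s in SAMPLES
    ]


if __name__ == "__main__":
    for row in report():
        print(repr(row[0]), row[1:])
    print(validate(STRICT_USER, "tech_geek"), validate(STRICT_USER, "Tech Geek"))
```

Only the strict column rejects the trailing newline, the surrounding text and the non-ASCII digits, so that is the form to use for server-side validation.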