This is a quick explanation of a simple software term for anyone who is less inclined to read a Wikipedia explanation and prefers the explain-like-Im-five approach. Programmers rely on regular expressions (regex) to identify and parse patterns in text or other data. A regular expression allows a developer to specify a pattern and then run that pattern search over a payload and identify any matches. Most of the time, hackers use regex in the form of “grep” to find files on a computer through a console. Or when scraping websites or quickly sifting through a large amount of data.

A simple example of this would be to say in plain English: Find me all words containing the letters “r,” “e,” “d” in that order and case. This would match the bold characters only in the following sentence:
Fred likes go to bed after eating his bread. He also really loves the color red.

Through the development of more advanced matching formulas and algorithms, regex has evolved to become prevalent in many forms of programming and subsequently hacking. With a more complex formula, newer information can be extracted and parsed, and machine learning algorithms can be created to start building intelligent systems that understand everything from human sentiment to hidden messages.

Here is another example that matches the first letter of every word to show a “hidden message”

Someone that happens across it without knowing the code might see just a seemingly weird message and perhaps it as some internet troll, but shared between two people who understand the pattern, an entire subtext can be hidden. These simple ciphers are used by some of the more cryptic hackers to regularly obfuscate their communications, especially when talking through public channels. Likewise, security researchers and government agencies try to create their own regex patterns to discover these “hidden in plain sight” ciphers and create smarter algorithms to decipher them.

Categorized in: