Tinker Tools

Regex Tester Live

Test and debug regular expressions in real time. All processing is done locally in your browser—your data never leaves your device.

Regex Pattern//g
Test String0 chars

How it works

1. Write Your Pattern

Enter a regular expression pattern in the input field. Choose flags like global, case-insensitive, multiline, and dotAll from the settings panel.

Local Processing

2. Test Against Text

Paste or type your test string. Matches are highlighted in real time as you edit either the pattern or the test string — no submit button needed.

Real-Time Matching

3. Inspect Match Details

View each match with its text, position index, and named capture groups. Copy the full regex pattern with flags to use in your code.

Group Support

What is Regular Expression Testing?

Regular expressions — regex for short — are patterns that describe sets of strings. They are one of the most powerful tools in a developer's toolkit and one of the most misunderstood. A regex can match an email address, extract a date from a log line, validate a phone number format, find and replace across thousands of files, or parse structured text that does not have a formal grammar. Every major programming language supports regex: JavaScript, Python, Java, Go, Rust, Ruby, C#, and PHP all ship with built-in regex engines. A regex tester lets you write, test, and debug these patterns interactively without writing and running code each time you want to check if a pattern matches.

The syntax looks cryptic at first — a pattern like ^(?:[a-zA-Z0-9._%+-]+)@(?:[a-zA-Z0-9.-]+)\.(?:[a-zA-Z]{2,})$ is not exactly readable prose. But each piece has a specific meaning. The caret anchors to the start of the string. The character classes in square brackets define allowed characters. The quantifiers (+ and {2,}) specify how many times a character can repeat. The parentheses group sub-patterns. The backslash-dot matches a literal period. A regex tester breaks down each part of the pattern, highlights matches in your test text, and shows you which groups captured what. This feedback loop is what turns regex from a write-only language into something you can reason about and debug.

Different programming languages use different regex flavors, and the differences matter. JavaScript regex does not support lookbehind assertions in older engines — though modern V8 does. Python's re module supports named groups with (?P<name>...) syntax while JavaScript uses (?<name>...) instead. PCRE — Perl Compatible Regular Expressions, used by PHP and many tools — supports recursive patterns and conditional matching that most other flavors lack. A regex tester that lets you select your target flavor ensures the pattern you build actually works in the language you are deploying to, not just in the tester's own engine.

Key Features and Benefits

  • Real-Time Match Highlighting As you type your regex pattern, matches in the test text are highlighted instantly. You see which parts of the text match and which do not — no need to click a button or run a script. This immediate feedback makes it easy to iteratively refine a pattern. Add a character class, see the matches change. Adjust a quantifier, watch the highlighted region expand or contract. This interactive loop is dramatically faster than the traditional edit-compile-run cycle of testing regex in application code.
  • Capture Group Visualization Capture groups — defined by parentheses — are how you extract specific parts of a match. A pattern for a date like (\d{4})-(\d{2})-(\d{2}) captures year, month, and day separately. The tester shows each group's captured value in a structured view, with group numbers and named group labels displayed clearly. Nested groups, non-capturing groups (?:...), and backreferences (\1, \2) are all visualized so you can verify that your groups capture exactly what you intend.
  • Multi-Flavor Support Select between JavaScript, Python, PCRE, Java, Go, .NET, and Rust regex flavors. Each flavor has its own quirks. JavaScript does not support possessive quantifiers (++, *+) or atomic groups. Python uses (?P<name>...) for named groups. Go's RE2 engine does not support backreferences or lookahead at all — by design, to guarantee linear-time matching. The tester flags features that are not supported in your chosen flavor so you do not write a pattern that works in the tester but fails in production.
  • Regex Explanation and Breakdown The tester parses your pattern and generates a human-readable explanation of each token. The pattern \b\w+@\w+\.\w{2,}\b gets broken down into: word boundary, one or more word characters, literal at sign, one or more word characters, literal dot, two or more word characters, word boundary. This breakdown is invaluable when you are reading someone else's regex — or your own from six months ago. It turns the cryptic syntax into plain English that you can review for correctness.
  • Substitution and Replacement Testing Regex is not just for matching — search and replace is one of its most common uses. The tester lets you define a replacement string with backreferences ($1, $2 or \1, \2 depending on flavor) and see the result immediately. Replace all dates in YYYY-MM-DD format with DD/MM/YYYY by capturing groups and reordering them. Replace camelCase identifiers with snake_case using a pattern that matches uppercase letters and inserts underscores. You see the before and after side by side.
  • Performance Analysis and ReDoS Detection Some regex patterns can take exponential time on certain inputs — a vulnerability known as ReDoS, Regular Expression Denial of Service. A pattern like (a+)+ applied to a string of a characters followed by a non-matching character triggers catastrophic backtracking. The regex engine tries every possible way to divide the a characters between the inner and outer group before finally failing. The tester includes a performance analyzer that warns you when your pattern is susceptible to this kind of exponential blowup and suggests safer alternatives.

How to Test Regular Expressions

  1. 1

    Choose Your Regex Flavor

    Start by selecting the programming language or regex engine you will use in production. This is not a cosmetic choice — it determines which features are available. If you are writing a JavaScript frontend, select JavaScript. If you are writing a Python data pipeline, select Python. If you are configuring an Nginx rewrite rule, select PCRE. Getting this right from the start prevents the frustrating experience of building a perfect pattern that fails when you paste it into your code because the flavor does not support a feature you used.

  2. 2

    Enter Your Test Text

    Paste or type the text you want to match against. Use real-world samples whenever possible — not contrived examples. If you are building a pattern to parse log files, paste actual log lines. If you are validating email addresses, include edge cases: addresses with plus signs ([email protected]), dots in the local part, subdomains, and deliberately invalid inputs that should not match. The more representative your test text, the more confident you can be that your pattern handles production data correctly.

  3. 3

    Build Your Pattern Incrementally

    Do not try to write the entire regex at once. Start with the simplest possible pattern that matches something, then extend it piece by piece. To match a date, start with \d+ to match any number, then narrow to \d{4} for the year, then add the dash and month \d{4}-\d{2}, and keep going. Watch the highlights change with each modification. This incremental approach is far more effective than staring at a complex pattern trying to figure out why it does not work — you see exactly where each addition changes the match behavior.

  4. 4

    Examine Groups and Matches

    Once your pattern matches the right text, check the capture groups. Are they capturing exactly the substrings you need? A common mistake is forgetting that quantifiers inside a group capture only the last iteration. The pattern (\w+,)+ applied to "a,b,c," captures only "c," in the group — not all three values. If you need all iterations, you typically need to match the overall pattern and then split or use a global flag to find all matches. The tester's group view shows you exactly what each group captured so you can spot these issues immediately.

  5. 5

    Test Edge Cases and Export

    Before using your pattern in production, test it against boundary conditions. An empty string, a string with only whitespace, a string with Unicode characters, an input that is 10,000 characters long. Check that non-matching inputs genuinely do not match — false positives are worse than false negatives in most validation scenarios. Once satisfied, copy the pattern. The tester provides the exact code snippet for your chosen language: re.compile() for Python, new RegExp() for JavaScript, Pattern.compile() for Java. Paste it directly into your codebase.

Expert Tips for Regular Expressions

Understand greedy versus lazy quantifiers — this is the source of most regex surprises. By default, quantifiers are greedy: .* matches as much text as possible. Given the input <b>hello</b><b>world</b>, the pattern <b>.*</b> matches the entire string from the first <b> to the last </b>, not just <b>hello</b>. Adding a question mark makes it lazy: <b>.*?</b> matches the shortest possible string, giving you <b>hello</b> and <b>world</b> as separate matches. The mental model is simple: greedy eats everything first and gives back only what it must; lazy takes only what it must and stops as soon as possible. Use lazy quantifiers when you want the shortest match, which is almost always the case when matching delimited content.

Lookahead and lookbehind assertions — collectively called lookarounds — are zero-width assertions that check context without consuming characters. A positive lookahead (?=...) succeeds if the pattern ahead matches. A negative lookahead (?!...) succeeds if the pattern ahead does not match. The same logic applies to lookbehinds: (?<=...) and (?<!...). These are indispensable for patterns like: match a number only if it is followed by a percent sign (\d+(?=%)), or match a word only if it is not preceded by a dollar sign ((?<!\$)\w+). The key insight is that lookarounds do not move the match position — they look ahead or behind and then the engine continues from where it was. This makes them perfect for context-dependent matching without including the context in the match result.

Catastrophic backtracking is a real security concern, not just a theoretical curiosity. If your application accepts user-supplied regex — like a search feature that lets users enter patterns — or if your server-side regex processes untrusted input, a malicious or accidentally pathological pattern can pin a CPU core at 100% for minutes. The classic vulnerable pattern structure is nested quantifiers: (a+)+, (a|a)+, or (a*)*. Applied to a non-matching input of sufficient length, the engine explores an exponential number of paths. The fix is threefold: use RE2 or a similar engine that guarantees linear-time matching (Go uses RE2 by default), set a timeout on regex execution, and validate or restrict the patterns your application accepts. Never trust user-supplied regex in a production system without these safeguards.

Build a library of tested patterns for common tasks instead of reinventing the wheel. IPv4 addresses: (?:(?:25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(?:25[0-5]|2[0-4]\d|[01]?\d\d?) — this validates each octet is between 0 and 255. URLs: a proper URL regex is surprisingly long because of the variety of schemes, authority formats, path characters, query parameters, and fragments. Email addresses: the fully RFC 5322 compliant regex is over 6,000 characters long and impractical to use. The practical approach is a simplified pattern that covers 99.9% of real-world addresses — something like ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ — combined with a confirmation email for true validation. Do not try to be perfect with regex where a simpler pattern plus additional validation logic is more maintainable and just as effective.

Related Tools

Regex testing is part of a broader text processing workflow. After building a replacement pattern, the text diff tool lets you compare the original and modified text to verify the regex did exactly what you intended — no more, no less. When your regex matches HTML content that needs to be embedded safely in another context, the HTML encoder handles the escaping. And password generation often goes hand-in-hand with password validation, where regex defines the rules — at least one uppercase letter, at least one digit, minimum length, and so on. These tools complement the regex tester for real-world text manipulation tasks.

Frequently Asked Questions

Recommended Tools