# Regex

## Weak Comparison

```
((STRCMP).*== *0|0 *== *(STRCMP))
```

```
==
```

## Weak Filtering

```
(PREG_REPLACE)[ \('"]*/ *[a-z0-9]{2,}
```

## Deserialization

#### Regex to find unserialize function followed by anything being passed a variable.

```
unserialize\(.*(\$)*
```