diff --git a/modules/qualifying/learning_regex.md b/modules/qualifying/learning_regex.md
index fbe2959..ba2f12e 100644
--- a/modules/qualifying/learning_regex.md
+++ b/modules/qualifying/learning_regex.md
@@ -151,3 +151,10 @@ I've tested all of the challenges myself but there are a lot of different ways t
 	* extract all web links
 		* only the base link (https://www.example.co.uk)
 		* both http and https links
+
+## Extra challenges
+
+Regex patterns on their own are nice but can get a bit boring.
+Try to integrate them into script to discover their true power.
+An example would be to take the IP addresses from the [auth.log](./assets/auth.log) file and do a region discovery on them.
+You can save all the country codes to a file and do an analysis on them to see where all the attacks are coming from.