Recent Attacks Submitted:
Client IP: 122.160.65.142 (India)Payload: on=x
Client IP: 103.12.133.19 ()
Payload: <m+xmlns="http://oracle.com/richClient/comm"><k+v="type"><s>action</s></k></m>
Client IP: 103.12.133.19 ()
Payload: <m xmlns="http://oracle.com/richClient/comm"><k v="type"><s>action</s></k></m>
Client IP: 103.12.133.19 ()
Payload: %3Cm+xmlns%3D%22http%3A%2F%2Foracle.com%2FrichClient%2Fcomm%22%3E%3Ck+v%3D%22type%22%3E%3Cs%3Eaction%3C%2Fs%3E%3C%2Fk%3E%3C%2Fm%3E
Client IP: 177.53.174.154 (Brazil)
Payload: YourPayloadHere
Client IP: 69.5.115.189 (United States)
Payload: YourPayloadHereDonald
Client IP: 69.5.115.189 (United States)
Payload: <IMG SRC=javascript:alert(‘XSS’)>
Client IP: 69.5.115.189 (United States)
Payload: <svg><style>{font-family:'<iframe/onload=confirm(1)>'
Client IP: 207.46.13.204 (United States)
Payload: YourPayloadHere
Client IP: 87.69.20.112 (Israel)
Payload: YourPayloadHere
Client IP: 202.154.61.210 (Indonesia)
Payload: YourPayloadHere
Client IP: 182.253.190.46 (Indonesia)
Payload: YourPayloadHere
Client IP: 182.253.190.46 (Indonesia)
Payload: google.com
Client IP: 182.253.190.46 (Indonesia)
Payload: https://www.modsecurity.org/demo/demo-deny.html?test=YourPayloadHere
Client IP: 182.253.190.46 (Indonesia)
Payload: <IMG SRC=javascript:alert(‘XSS’)>
ModSecurity Core Rule Set (CRS)Current CRS Version - 3.0.0-devPlease feel free to inject malicious input to stress test the ModSecurity Core Rule Set (CRS). Requests should be directed to www.modsecurity.org/demo/demo-deny.html with attacks being placed within the "test" parameter. The form accepts both GET and POST request methods. You can either do this via the form below or manually. The data submitted in the page will be sent to a ModSecurity CRS install for inspection and processing. The response page will report any CRS events that triggered.
If you send an attack payload that is not detected by the CRS, please notify us at any of the following places: - OWASP ModSecurity Core Rule Set Mail-list |
Results (txn: (none))(none) All Matched Rules Shown Below |