Recent Attacks Submitted:
Content-Length: 69 Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate Accept-Language: de,en-US;q=0.9,en;q=0.8 Transfer-Encoding : chunked 3a username=peter.uhlich%40glossybox.de&password=asdasdasdsad 0
ModSecurity Core Rule Set (CRS)Current CRS Version - 3.0.0-devPlease feel free to inject malicious input to stress test the ModSecurity Core Rule Set (CRS). Requests should be directed to www.modsecurity.org/demo/demo-deny.html with attacks being placed within the "test" parameter. The form accepts both GET and POST request methods. You can either do this via the form below or manually. The data submitted in the page will be sent to a ModSecurity CRS install for inspection and processing. The response page will report any CRS events that triggered.
If you send an attack payload that is not detected by the CRS, please notify us at any of the following places: - OWASP ModSecurity Core Rule Set Mail-list |
Results (txn: (none))(none) All Matched Rules Shown Below |