Attack & Defense Essential

🔒 Security Level Configuration

Choose your protection level to see how different configurations handle attacks

🟢 Low (No Protection)

🟡 Medium (Basic WAF)

🔴 High (Advanced WAF)

🛡️ Cloudflare (Full Protection)

💉 SQL Injection HIGH RISK

User ID (Vulnerable Parameter):

💡 Try these payloads:

1' OR '1'='1

1; DROP TABLE users;--

1' UNION SELECT password FROM admin--

Ready to test SQL injection...

🚨 Cross-Site Scripting (XSS) HIGH RISK

Message (Reflected in page):

💡 Try these payloads:

Ready to test XSS...

⚡ Command Injection HIGH RISK

IP Address to Ping:

💡 Try these payloads:

127.0.0.1; cat /etc/passwd

127.0.0.1 && whoami

127.0.0.1 | ls -la

Ready to test command injection...

📁 File Upload Vulnerability MEDIUM RISK

Filename:

💡 Try these filenames:

shell.php

backdoor.asp

../../../etc/passwd

Ready to test file upload...

🔄 Cross-Site Request Forgery MEDIUM RISK

New Password:

💡 CSRF Attack Scenarios:

Hidden form auto-submit

Malicious image src attribute

AJAX request from malicious site

Ready to test CSRF...

📂 Directory Traversal MEDIUM RISK

File Path:

💡 Try these paths:

../../../etc/passwd

..\\..\\..\\windows\\system32\\drivers\\etc\\hosts

....//....//....//etc//passwd

Ready to test directory traversal...

🔒 Security Level Configuration

📊 Real-time Attack Statistics

💡 Try these payloads:

💡 Try these payloads:

💡 Try these payloads:

💡 Try these filenames:

💡 CSRF Attack Scenarios:

💡 Try these paths: