ModSecurity CRS Evasion Testing Demo
The ModSecurity Demo allows users to easily test the effectiveness of the OWASP CRS rules. Any data is sent
to a ModSecurity install for inspection and processing. The response body
will then list any rules that triggered.
XSS Mitigation with Content Injection Demo
ModSecurity Protecting Commercial Web App Vuln Scanner Demo Sites
We have setup ModSecurity to proxy to the following 4 commercial vuln scanner demo sites:
If ModSecurity sees any inbound attacks or outbound application defects/info leakages, it will prepend a warning banner to the top of the page.
- IBM (AppScan) - demo.testfire.net site
- Cenzic (HailStorm) - CrackMe Bank site
- HP (WebInspect) - Free Bank site
- Acunetix (Acunetix) - Acuart site