Exploit / WAF Test*
Send harmless test vectors to check whether BYB/WAF blocks common exploit signatures.
Check exploit and WAF reactions
This tool sends harmless test patterns to your website and shows whether access is delivered, restricted, blocked or filtered.
Harmless test vectors
The tool uses harmless signatures that imitate common attack patterns.
Clear BYB markers
Marked requests can be recognized as BYB test traffic.
Readable results
Status icons and HTTP codes help you understand the protection reaction.
Page Description
With this test, you can easily check whether your website reliably defends against typical attack attempts. The tool sends harmless test requests that only look like common attack patterns, but do not change anything and cause no harm.
Afterwards, you get a clear overview showing whether the requests were blocked or allowed through. This helps you quickly confirm that your protection is working properly and spot areas that may need better protection. This test is intended only for checking your own website.
*WAF (Web Application Firewall)
WAF means: An additional security layer (e.g. ModSecurity/CDN) that blocks or rate-limits suspicious requests. In this test it triggers when the marked request gets a stronger response (e.g. 429/5xx) than the normal request.
Afterwards, you get a clear overview showing whether the requests were blocked or allowed through. This helps you quickly confirm that your protection is working properly and spot areas that may need better protection. This test is intended only for checking your own website.
*WAF (Web Application Firewall)
WAF means: An additional security layer (e.g. ModSecurity/CDN) that blocks or rate-limits suspicious requests. In this test it triggers when the marked request gets a stronger response (e.g. 429/5xx) than the normal request.
Start a test
Enter a domain or URL, adjust the optional vectors and run the protection check.