Attack Mode Activemonitoring
FrontGuard
Pick a module, trigger a real exploit, then toggle to Secure Mode to see the fix. Each module explains what is happening, why it's dangerous, and how to fix it.
0
Exploits
0
Blocked
0
Total logs
All modules show vulnerable implementations. Exploits will actually execute. Toggle Secure Mode to see fixes.
Runtime Guard
Operational
CSP Enforcement
Report-only
3rd-party Scripts
Clean
Report Pipeline
Streaming
Security Modules
5 modules · click to open
critical
XSS Playground
Inject HTML/JS into unsafe vs sanitized renderers. See real-time output differences.
> Try: <img src=x onerror="alert(1)">
innerHTMLDOMPurifyCSP
Open module
high
Auth Simulation
Compare localStorage token storage vs httpOnly cookie simulation.
> Login as admin / admin123, then inspect localStorage
JWTlocalStoragecookies
Open module
high
API Security
Demo unprotected endpoints vs rate-limited, auth-required versions.
> Click Fetch Without Auth — watch it return SSN and salary data
Rate limitingAuth headersCORS
Open module
medium
RBAC Demo
Frontend-only protection vs server-enforced role-based access control.
> Select guest role, then try the Delete action
AdminRolesPermissions
Open module
medium
DevTools Bypass
Show how UI restrictions can be bypassed in DevTools. Then enforce at API.
> Click "Simulate Bypass" to watch a DevTools attack unfold
DOM manipulationJS consoleAPI validation
Open module
Security Log(0)live
Monitoring runtime activity… waiting for events
Stream will begin shortly