OWASP Mutillidae II: Keep Calm and Pwn On
Version: 2.12.7 Security Level: 5 (Secure)
Hints: Disabled
Not Logged In
Home
|
Login/Register |
Toggle Security
|
Enforce TLS
|
Reset DB
|
View Log
|
View Captured Data
Content Security Policy (CSP)
Switch to Cross-Site Scripting (XSS)
Switch to Cross-Origin Resource Sharing (CORS)
Current Content Security Policy (CSP) Report To Endpoints
Report-To: {"group": "csp-endpoint", "max_age": 10886400, "endpoints":[{"url": "includes/capture-data.php"}]}
Current Content Security Policy (CSP)
Content-Security-Policy: script-src 'self' 'nonce-42403807185f9caa4b3016ff0ff0075d2cb8a959d8145d1f4ed6e8e0d4122da6'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; img-src 'self' www.paypalobjects.com; connect-src 'self' cors.mutillidae.localhost; font-src fonts.googleapis.com fonts.gstatic.com; frame-src 'self'; media-src 'none'; object-src 'none'; worker-src 'none'; child-src 'none'; manifest-src 'none'; form-action 'self'; frame-ancestors 'none'; base-uri 'none'; report-uri includes/capture-data.php; report-to csp-endpoint;
Browser: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
PHP Version: Not Available (Secure mode doesn't reveal the server version)