🎯 WAF Testing Ground

Submit common attack vectors (XSS, SQLi) or specific file types to trigger your Cloudflare WAF rules.

If your WAF intercepts the request, you will see a standard Cloudflare block page instead of a success message.