Zen by Aikido: Live Example

Zen, developed by Aikido, is designed to protect your web applications from a wide range of vulnerabilities. This is a live example app. Zen is installed and configured to protect this application. Here you can experiment with different types of injection attacks, user blocking, rate-limiting, bot blocking to see how Zen is able to protect against unwanted behavior at runtime.

→ Install Zen and start securing your web applications today!

Test different vulnerabilities:

Test rate-limiting and bot blocking

You can test our rate limiting features with the following button, this is equivalent to running the following cURL command

curl ...test_ratelimiting_1 Test rate-limiting (max 3 requests / minute)


---

You can test our bot blocking features with the following button, this is equivalent to running the following cURL command

Note: This only works on Firefox, Chromium-based browsers currently have an issue with setting the User-Agent in a fetch request (see here). You can still test it out with the cURL command below

curl \
-H "User-Agent: Mozilla/5.0 (compatible; Bytespider/1.0; +http://bytespider.com/bot.html)" \
-X GET ... Test bot blocking (safe header) Test bot blocking (dangerous header)


User blocking

In this example app the user is determined by a user header, we provided some examples here

curl \
-H "user: 123456" \
-X GET ... Request with allowed user (ID: 123456)


---

curl \
-H "user: 789" \
-X GET ... Request with blocked user (ID: 789)


IP Blocking

Demo-ing the IP Blocking capabilities isn't super easy. We offer support for geo-ip blocking, blocking of malicious actor and blocking Tor traffic

We enabled the blocking of Tor traffic on this site to demo the IP Blocking capabilities as best as we could.

→ Download Tor Browser

AI Usage

Large language models are awesome, but providing them with user input opens up the door to abuse. Try out our monitoring and protection methods below.

Your message: Provider: OpenAI Anthropic Mistral Send