Trust me, I am not a Bad Guy!

This application (Bad-Guy) is created to demo Cross Frame Scripting. Application is completely harmless.

Click this login page to see XFS in action. X-FRAME-OPTIONS is set to SAMEORIGIN.

Click this login2 page to see XFS in action. Content-Security-Policy: frame-ancestors 'self' badguy.aspnet4you.com; script-src 'self' 'unsafe-inline' badguy.aspnet4you.com;.

Terms & Privacy.