Interactive E-Skimming Labs
Hands-on cybersecurity training for understanding and defending against payment card skimming attacks
Available Labs
Choose from our interactive labs designed to teach you about different e-skimming attack techniques and defense strategies.
Basic Magecart Attack
Learn the fundamentals of payment card skimming attacks through JavaScript injection. Understand how attackers compromise e-commerce sites, intercept form submissions, and exfiltrate credit card data. Practice detection using browser DevTools and implement basic defensive measures.
Start LabDOM-Based Skimming
Master advanced DOM manipulation techniques for stealthy payment data capture. Learn real-time field monitoring, dynamic form injection, Shadow DOM abuse, and DOM tree manipulation. Understand how attackers bypass traditional detection methods.
Start LabBrowser Extension Hijacking
Explore sophisticated browser extension-based attacks that exploit privileged APIs and persistent access. Learn about content script injection, background script persistence, cross-origin communication, and supply chain attacks through malicious extensions.
Start LabLearning Resources
Explore our comprehensive resources to deepen your understanding of e-skimming attacks.
MITRE ATT&CK Framework
Explore the comprehensive MITRE ATT&CK matrix specifically tailored for e-skimming attacks and payment card fraud.
View ATT&CK MatrixInteractive Threat Model
Visualize attack vectors and understand the threat landscape with our interactive threat modeling tool.
Explore Threat Model