Interactive Demo
Simulate an attack and watch Wooltrap in action
Customer Database (Mixed Real + Decoy Records)
| ID |
Email |
Password Hash |
Type |
| 001 |
john@company.com |
$2b$12$... |
✓ REAL |
| 002 |
admin@secure.io |
$2b$12$DECOY... |
âš¡ DECOY |
| 003 |
sarah@startup.co |
$2b$12$... |
✓ REAL |
| 004 |
ceo@enterprise.com |
$2b$12$DECOY... |
âš¡ DECOY |
| 005 |
hr@talent.tech |
$2b$12$DECOY... |
âš¡ DECOY |
🔴 How It Works
- Attacker finds SQL injection vulnerability
- They dump the "customer database"
- 60% of records are convincing decoys (realistic emails, fake password hashes)
- Accessing any decoy triggers instant pink alert
- Security team gets attacker IP, timestamp, and attribution data