Can your users and servers be hijacked without detection?

Pick-Axe Mining Test

Total: Hashes:



Welcome to the CWRT mining tool. Use this tool to test the ability to hijack a user's PC or a Server.


  1. Navigate to this page from the server or computer you want to test, click start if necessary
  2. If the hash numbers increase, you are successfully mining
  3. Check security systems for detection and prevention

***disable pop-up and script blockers***


Why disable script and pop-up blockers? 1) users turn off blockers all the time to let malware in, 2) security systems should alert that mining is happening, 3) regardless of the mining method, security systems should alert


What is does this test prove? What should happen? 

If you have the proper protections in place, when the miner runs, it should be detected on the network, web filtering, and edge firewall devices.  If the mining is prevented, the numbers will not increase.

Successfully mining proves that your network detection and local system EPP/EDR is not preventing miners from running. Sucessfully running the script means you are potentially vulnerable to Crypto-Hijacking, even if you had to turn off browser blockers to do so.



Another awesome security idea brought to you by your friends at:





Don't forget to try our other online security tools:

The worlds most widely used DLP test site:

The worlds only email security test site:







Copyright IGNITE Cyber dba CWRT 2019