Overview
The Insecure Bank application is a deliberately vulnerable Django-based web application designed for security testing and educational purposes. This project demonstrates common security vulnerabilities in web applications and provides a safe environment for security professionals to practice identification and exploitation techniques.
Purpose
This application serves multiple purposes:
- Security Training: Provides a realistic banking application with intentional vulnerabilities for educational purposes
- Security Testing: Allows security teams to test and validate security tools and scanning capabilities
- Development Training: Helps developers understand common security pitfalls and how to avoid them in production code
Technology Stack
The application is built using the following technologies:
- Framework: Django 4.2.4
- Language: Python 3.10+
- Database: SQLite3
- Frontend: Bootstrap CSS with custom JavaScript
- Templating: Django templates
- Containerization: Docker
Key Features
The application includes the following banking features:
- User authentication and session management
- Account dashboard with balance display
- Transaction history viewing
- Fund transfer between accounts
- Credit activity tracking
- Administrative user management
Warning
This application contains intentional security vulnerabilities and should never be deployed to a production environment or exposed to the internet. It is designed exclusively for controlled testing and educational purposes.