Security & Pentesting
rewanthtammana/Damn-Vulnerable-Bank
735 Stars, 231 Forks, 2 Issues, Language: Java
Damn Vulnerable Bank is an intentionally vulnerable Android banking application designed for learning mobile security testing. It features authentication, fund transfers, beneficiary management, and transaction history, all with deliberate security flaws. It includes root/emulator detection bypasses, anti-debugging weaknesses, hardcoded secrets, logcat data leakage, exported activities, and IDOR vulnerabilities. It provides a backend REST API and a downloadable APK for hands-on Android security training.
Quick Start Example
bash
# Clone and setup backend
git clone https://github.com/rewanthtammana/Damn-Vulnerable-Bank
cd Damn-Vulnerable-Bank/BackendServer
npm install && node index.js
# Install APK on Android device/emulator
adb install DamnVulnerableBank.apk
# Vulnerabilities to practice:
# - Root detection bypass
# - Hardcoded secrets
# - IDOR in fund transfers