InsecureBankv2 – Vulnerable Android Application

Information security awareness training may include several demo that describe how attacker may exploit vulnerabilities on system to gain full control on remote devices. If you are looking to demonstrate android application you can use InsecureBankv2.

This tool was updated during the BlackHat arsenal and is available for users online, the purpose of this project is to provide security enthusiasts and developers a way to learn the Android insecurities by testing this vulnerable application. The list of vulnerabilities that are currently included in this release are:

  • Flawed broadcast receivers
  • Weak authorization mechanism
  • Root detection and bypass
  • Local encryption issues
  • Vulnerable activity components
  • Insecure content provider access
  • Insecure webview implementation
  • Weak cryptography implementation
  • Application patching
  • Sensitive information in memory


You can read more and download the tool over here:

Notify of
Inline Feedbacks
View all comments