Skip to content
A vulnerable demo site for people to learn about Web Application Security
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
SuperSecureBank Added Favicon! Aug 15, 2013
SuperSecureBankService Yikes, big commit! May 18, 2011
.gitignore Small details. Added LICENSE & README files, updated .gitignore Oct 17, 2012
LICENSE Small details. Added LICENSE & README files, updated .gitignore Oct 17, 2012 Update Dec 5, 2012
SuperSecureBank.paf additions and updates Jun 17, 2011
SuperSecureBank.sln Yikes, big commit! May 18, 2011
SuperSecureBank.suo additions and updates Jun 17, 2011

SuperSecure bank is very much a fictional online bank. It was created to help demonstrate common web vulnerabilities. Any resemblance to any other bank is purely coincidental and is actually quite regrettable. This website is truly riddled with security vulnerabilities, do not use any aspect of this site as an example of how to create an online site. Do not reproduce any line of code in a production system. Any failure to do so will likely cause your entire website to become very insecure.

That said, this site is intended to help interested people learn about common web vulnerabilities. Each vulnerability in this system has been seen in the wild in recent history. These vulnerabilities represent a wide array of potential issues that hackers and other malicious users may attempt to exploit. Failure to protect yourself against these types of issues could result in any number of myriad vulnerabilities, not limited to complete server compromise and data loss.

I’ve created this website to help teach, if you have questions about the code, or how to find or fix these issues please feel free to contact me directly at:

I hope you have as much fun breaking this site as I had creating it. Happy Hacking!

You can’t perform that action at this time.