A vulnerable banking web application designed for penetration testing and security analysis as part of the PFA (Projet de Fin d'Année).
This application is intentionally vulnerable. Do not expose it to public networks, as it may compromise your machine.
- MySQL (Ensure MySQL server is running)
- Node.js & npm (Latest LTS recommended)
-
Clone the repository:
git clone https://github.com/NabilMouzouna/Aabil-bank.git cd Aabil-banking -
Install dependencies:
npm install
-
Set up environment variables:
- Create a
.env.localfile in the project root. - Add the following parameters:
DB_HOST=your_mysql_host DB_USER=your_mysql_user DB_PASSWORD=your_mysql_password DB_NAME=your_database_name
- Create a
-
Initialize the database:
- Start the server temporarily:
npm run dev
- Open your browser or use a tool like cURL to visit:
http://localhost:3000/api/init-db
- This will create the necessary database tables.
- Start the server temporarily:
-
Run the application:
npm run dev
- The app will be accessible locally at
http://localhost:3000.
- The app will be accessible locally at
This application is for educational purposes only. Use it responsibly within a controlled environment (e.g., a virtual machine). Exposing it to the public may result in security risks.