Walkthrough : InsecureBankv2





Few points

Summary Scan Report of Android-InsecureBankv2

Static Analysis

Here I have found few information

1) Application Signature is vulnerable

2) Some Application Permissions are vulnerable

3) Manifest Analysis

4) Possible Hardcoded Secrets

5) Activities

Some Other Vulnerabilities

Login Bypass


  1. Write External Sotrage there is no need to provide this on application the attacker can insert malicious data in storage its vulnerable.
  1. Insecure Communication : Application is weak communication method bcoz its using http method which is not secure because it does not use TLS/SSL to encrypted the request.

Dynamic Analysis




Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store