Share
## https://sploitus.com/exploit?id=33F44B63-249B-5836-A276-78DA9E5A7250
# Web Application Penetration Testing (WAPT) Simulation
This repository contains a simulated web application penetration test
performed against a deliberately vulnerable banking application.
The assessment identified **23 security vulnerabilities** across multiple
security domains including authentication, authorization, injection,
session management, and security misconfiguration.
## Assessment Scope
Target: BankWeb Application
Environment: Local test environment
Methodology: OWASP Testing Guide
## Key Findings
⢠SQL Injection
⢠Stored and Reflected XSS
⢠Insecure Direct Object References (IDOR)
⢠Horizontal and Vertical Privilege Escalation
⢠Insecure Session Management
⢠CSRF
⢠Weak Authentication Controls
⢠Missing Security Headers
Each finding includes:
- Vulnerability summary
- Steps to reproduce
- Proof of concept
- Impact analysis
- Recommended mitigations