# Secure Bank

<figure><img src="https://677614291-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FrRWtuMw6xkkeDjZfkcWC%2Fuploads%2FYbxNCsPWp3sloA2iYADQ%2Fimage.png?alt=media&#x26;token=d1733367-2f3c-40c1-8b94-da309f6a93a2" alt=""><figcaption><p><a href="https://owasp.org/www-project-securebank/">https://owasp.org/www-project-securebank/</a></p></figcaption></figure>

**SecureBank** is a FinTech application which contains all **OWASP TOP 10** security vulnerabilities along with some other security flaws found in real-world applications.

You can read more about SecureBank and OWASP top 10 vulnerabilities [here](https://ssrd.gitbook.io/securebank/).&#x20;

* [Install & configure Secure Bank](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/secure-bank/install-and-configure-secure-bank)
* aaaaa
* bbbbb
* cccccc
* cccc

***

## [Install & configure](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/secure-bank/install-and-configure-secure-bank)

## Infrastructure

On the image below you can review how the application is built from the infrastructure point of view.&#x20;

<figure><img src="https://677614291-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FrRWtuMw6xkkeDjZfkcWC%2Fuploads%2F7FLGy2J2NqA3Mqqvj3gg%2Fimage.png?alt=media&#x26;token=c533db63-e0d3-4470-bad3-5fde80657623" alt=""><figcaption></figcaption></figure>

***

### Default users:

```
admin@ssrd.io:admin
developer@ssrd.io:test
yoda@ssrd.io:test
tester@ssrd.io:test
```

### Ports

* 80 on this port SecureBank is accessible
* 1080 is maildev server for user registration
* 5000 is hidden API

### CTF-Mode

If you want to run SecureBank in CTF mode we have also prepared this option. It will create CTFd compatible export file.

Run `docker run -d -p 80:80 -p 5000:5000 -p 1080:1080 -e 'AppSettings:Ctf:Enabled=true' -e 'AppSettings:Ctf:Seed=example' -e 'SeedingSettings:Admin=admin@ssrd.io' -e 'SeedingSettings:AdminPassword=admin' ssrd/securebank`


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://dev-angelist.gitbook.io/writeups-and-walkthroughs/secure-bank.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.