ParaBank

ParaBank is a fictional web-based banking application used as a teaching and testing platform for web application security and software testing. It provides a simplified environment with user authentication, accounts, transfers, transaction history, and basic banking operations, intended for hands-on learning. The project is commonly distributed as open-source and deployed in classroom or lab settings to demonstrate both typical banking workflows and common security vulnerabilities. In many deployments ParaBank includes intentionally insecure configurations or sample data to illustrate issues such as SQL injection, cross-site scripting, insecure direct object references, and session management weaknesses, often accompanied by guided exercises and remediation steps.

Historically, ParaBank emerged as a lightweight demonstration tool in the security education community and has been

Usage and deployment: It can be run locally on a development server or hosted in a virtual