API Security Testing Guide by The XSS Rat
$12.99 - 49 lessons - 3.5 hours of video content
Learn essential skills to prevent security threats for API-based applications.
1. Download all the PDF files here
2. API0.2019: What is an API
3. API1:2019 Broken Object Level Authorization
4. API2:2019 Broken User Authentication
5. API3:2019 Excessive Data Exposure
6. API4:2019 Lack of rate limiting
7. API5:2019 Broken Function Level Authorization
8. API6:2019 Mass Assignment
9. API7:2019 Security Misconfiguration
10. API8:2019 Injection
11. API9:2019 Improper Assets Management
12. API10:2019 Insufficient Logging & Monitoring
13. API top 10 - 0 through 3
14. OWASP API TOP 10 - 4 to 7
15. API8-2019 Injection
16. API9-2019 improper asset management
17. OWASP API top 10 - 10 insufficient logging and monitoring
18. Go to the labs linked on the Udemy page
19. A1 - Broken level authorization
20. A2 - Broken authentication
21. A3 - Excessive information disclosure
22. A4 - lack of rate limiting
23. A5 - broken function level authorization
24. A6 Mass assignment
25. A7 - Security misconfiguration
26. A8 - Injections
27. A9 - Improper asset management
28. A10 - Insufficient logging and monitoring
29. Let's build an API to hack - Part 1: The basics
30. Let's build an API to hack - Part 2: Faking it before breaking it
31. Let's build an API to hack - Part 3: Information disclosure
32. Let’s build an API to hack — Part 4: Mass assignment
33. Let's build an API to hack - Part 5: Emulating login and hacking it with postman
34. Let's build an API to hack - Part 6: Emulating SQLi and showing possible SSTI
35. Building an API part 7: API Broken Access Control Through Replacing HTTP Method
36. API roulette - Name the issues
37. REST-API-GOAT: Chain postman burp suite
38. Hacking an API with postman - theory
39. Postman API hacking - Tiredful API