Course curriculum

1. Download all the PDF files here

2. API0.2019: What is an API
3. API1:2019 Broken Object Level Authorization
4. API2:2019 Broken User Authentication
5. API3:2019 Excessive Data Exposure
6. API4:2019 Lack of rate limiting
7. API5:2019 Broken Function Level Authorization
8. API6:2019 Mass Assignment
9. API7:2019 Security Misconfiguration
10. API8:2019 Injection
11. API9:2019 Improper Assets Management
12. API10:2019 Insufficient Logging & Monitoring

13. API top 10 - 0 through 3
14. OWASP API TOP 10 - 4 to 7
15. API8-2019 Injection
16. API9-2019 improper asset management
17. OWASP API top 10 - 10 insufficient logging and monitoring

18. Go to the labs linked on the Udemy page

19. A1 - Broken level authorization
20. A2 - Broken authentication
21. A3 - Excessive information disclosure
22. A4 - lack of rate limiting
23. A5 - broken function level authorization
24. A6 Mass assignment
25. A7 - Security misconfiguration
26. A8 - Injections
27. A9 - Improper asset management
28. A10 - Insufficient logging and monitoring

29. Let's build an API to hack - Part 1: The basics
30. Let's build an API to hack - Part 2: Faking it before breaking it
31. Let's build an API to hack - Part 3: Information disclosure
32. Let’s build an API to hack — Part 4: Mass assignment
33. Let's build an API to hack - Part 5: Emulating login and hacking it with postman
34. Let's build an API to hack - Part 6: Emulating SQLi and showing possible SSTI
35. Building an API part 7: API Broken Access Control Through Replacing HTTP Method
36. API roulette - Name the issues
37. REST-API-GOAT: Chain postman burp suite
38. Hacking an API with postman - theory
39. Postman API hacking - Tiredful API

About this course
- $12.99
- 49 lessons
- 3.5 hours of video content