API Security Testing Guide by The XSS Rat

Buy $12.99

Course curriculum

1. 1. Download all the PDF files here
1. 2. API0.2019: What is an API
2. 3. API1:2019 Broken Object Level Authorization
3. 4. API2:2019 Broken User Authentication
4. 5. API3:2019 Excessive Data Exposure
5. 6. API4:2019 Lack of rate limiting
6. 7. API5:2019 Broken Function Level Authorization
7. 8. API6:2019 Mass Assignment
8. 9. API7:2019 Security Misconfiguration
9. 10. API8:2019 Injection
10. 11. API9:2019 Improper Assets Management
11. 12. API10:2019 Insufficient Logging & Monitoring
1. 13. API top 10 - 0 through 3
2. 14. OWASP API TOP 10 - 4 to 7
3. 15. API8-2019 Injection
4. 16. API9-2019 improper asset management
5. 17. OWASP API top 10 - 10 insufficient logging and monitoring
1. 18. Go to the labs linked on the udemy page
1. 19. A1 - Broken level authorization
2. 20. A2 - Broken authentication
3. 21. A3 - Excessive information disclosure
4. 22. A4 - lack of rate limiting
5. 23. A5 - broken function level authorization
6. 24. A6 Mass assignment
7. 25. A7 - Security misconfiguration
8. 26. A8 - Injections
9. 27. A9 - Improper asset managment
10. 28. A10 - Insufficient logging and monitoring
1. 29. Let's build an API to hack - Part 1: The basics
2. 30. Let's build an API to hack - Part 2: Faking it before breaking it
3. 31. Let's build an API to hack - Part 3: Information disclosure
4. 32. Let’s build an API to hack — Part 4: Mass assignment
5. 33. Let's build an API to hack - Part 5: Emulating login and hacking it with postman
6. 34. Let's build an API to hack - Part 6: Emulating SQLi and showing possible SSTI
7. 35. Building an API part 7: API Broken Access Control Through Replacing HTTP Method
8. 36. API roulette - Name the issues
9. 37. REST-API-GOAT: Chain postman burp suite
10. 38. Hacking an API with postman - theory
11. 39. Postman API hacking - Tiredful API
1. 40. Video: API firewall
2. 41. API Firewall guide
1. 42. API hacking with postman Part 1 - getting the basics down
2. 43. API hacking with postman Part 2 - importing the API description
3. 44. API hacking with postman Part 3 Pre-request scripts, tests and console
4. 45. API hacking with postman Part 4 - Getting dirty with data sources
1. 46. API Testing
2. 47. Swagger and OpenAPI
3. 48. API Security - Top 10 Best Practices
4. 49. How to secure your rest API from attackers

About this course

$12.99
49 lessons
3.5 hours of video content

API Security Testing Guide by The XSS Rat

Course curriculum

Section 1: Notion Notes - Download - HTML Version

Section 2: PDFs: OWASP APO TOP 10

Section 3: Video's: OWASP API TOP 10

Section 4: Labs: API TOP 10

Section 5: Video's: API TOP 10 Demonstrated

Section 6: Building and hacking an API

Section 7: API Firewalls

Section 8: API Hacking with Postman

Section 9: Extra's

About this course