Practical API Hacking provides you with everything you need to start hacking APIs. This course was designed for beginners and those familiar with web application hacking but want to expand their skill set.
The course covers industry-standard tools such as Burp Suite and Postman, and how to find and exploit vulnerabilities common to applications powered by APIs. Throughout the course there are demonstration labs to help you understand the theory, and challenges to make sure you get hands-on experience too.
Syllabus
- Welcome to the Course!
- Introduction
- Lab Setup
- Enumerating APIs
-
Attacking Authorization
- Attacking Authentication
- Injection
-
Mid-course Capstone
- Mass Assignment
- Excessive Data Exposure
- SSRF – Server-side Request Forgery
- Chaining Vulnerabilities
- Final Capstone
