The Offensive API Exploitation course by Vikash Chaudhary is an advanced, hands-on training program designed for cybersecurity professionals aiming to master the art of attacking and securing APIs. Master API Hacking with Real-World Exploits: BOLA, SSRF, Auth Bypass & API Bug Bounty Techniques.
Syllabus
- Course Introduction
- Lab Setup & Postman Document Sharing
- Using Postman tool for API Security Testing
- Preparing for API Pentest
- OWASP API Top 10
- SQL Injection
- Command Injection
- Offensive XXE Exploitation
- Server Side Request Forgery
- Cross Site Scripting
- Transport Layer Security Issues
- Mass Assignment Attack
- Broken Object Level Authorization issues
- File Path Traversal
- User Enumeration
- Information Disclosure
- JSON Web Token
- Unauthorized Password Change
- Excessive Data Exposure
- Lack of Resource & Rate Limiting
- Regular Expression DoS Attack
- BFLA Issues
- Billion Laughs Attack
- Hidden API Functionality Exposure
- RCE Via Deserialization in API