API testing and securing guide
Videos OWASP API TOP 10
API TOP 10 - 0 through 3 (28:57)
OWASP API TOP 10 - 4 to 7 (31:47)
API8-2019 Injection (9:41)
API9-2019 improper asset management (7:16)
OWASP API top 10 - 10 insufficient logging and monitoring (1:31)
PDFs OWASP API Top 10
API0.2019: What is an API?
API1:2019 Broken Object Level Authorization
API2:2019 Broken User Authentication
API3:2019 Excessive Data Exposure
API4:2019 Lack of rate limiting
API5:2019 Broken Function Level Authorization
API6:2019 Mass Assignment
API7:2019 Security Misconfiguration
API8:2019 Injection
API9:2019 Improper Assets Management
API10:2019 Insufficient Logging & Monitoring
Videos: API top 10 demonstrations
A1 - Broken level authorization (2:19)
A2 - Broken authentication (0:55)
A3 - Excessive information disclosure (1:02)
A4 - lack of rate limiting (0:46)
A5 - broken function level authorization (2:13)
A6 - Mass assignment (2:16)
A7 - Security misconfiguration (0:33)
A8 - Injections (1:20)
A9 - Improper asset management (1:01)
A10 - Insufficient logging and monitoring (1:13)
Top10.zip
Defending the API you built
How to secure your REST API from attackers?
API Security - Top 10 Best Practices
API firewall - What is it and how do we install it? (18:41)
API Firewall guide
Hacking APIs
Swagger and OpenAPI
API Testing guide
API hacking with Postman Part 1 - getting the basics down (20:57)
API hacking with Postman Part 2 - importing the API description (3:33)
API hacking with Postman Part 3 - Pre-request scripts, tests and console (11:01)
API hacking with Postman Part 4 - Getting dirty with data sources (8:03)
Exercises
Let's build an API to hack - Part 1 The basics
API roulette - Name the issues
Let's build an API to hack - Part 2 Faking it before
Let's build an API to hack - Part 3 Information
Postman presentation.pdf
postman API labs - Tiredful API.mov (7:21)
Postman - Theory.mov (17:06)
API7:2019 Security Misconfiguration