API testing and securing guide
Learn how to build and break an API in record time including the API top 10
What you'll learn
Build your own API to hack
Protect an API with a firewall
The OWASP API top 10 vulnerabilities
API hacking with postman
About the course
In this course we will be teaching you a very important way of hacking and building APIs with practical labs and examples. You will get a feel for these issues sooner than you can say "API".
With the rise of software and web applications we need to make sure to protect them as carefully as possible. This guide will be your handbook in your journey for testers, managers and software developers.
We will bring you from a beginner to an advances level in no time and with our practical examples you will even learn how to use and install an API firewall.
What will you learn?
- The OWASP API top 10
- Building and hacking an API
- How to install an API firewall
- Hacking APIs with postman
Who is this course for?
I explain everything as clearly as possible in this course so everyone with even a basic understanding of technical topics can understand what can go wrong and how to prevent it.
Your Instructor
I am the XSS Rat, an experienced ethical hacker who stands for quality and who believes knowledge is a building block we can all use to grow bigger than we ever were. As a software test i have a unique skill set that centers around logic flaws and IDORs which i have not seen very much by other hunters. This gives me the advantage of finding less duplicates and maximizing my chance of finding a vulnerability by picking the correct target and applying the correct test strategy.
Course Curriculum
Videos OWASP API TOP 10
Available in
days
days
after you enroll
PDFs OWASP API Top 10
Available in
days
days
after you enroll
-
StartAPI0.2019: What is an API?
-
StartAPI1:2019 Broken Object Level Authorization
-
StartAPI2:2019 Broken User Authentication
-
StartAPI3:2019 Excessive Data Exposure
-
StartAPI4:2019 Lack of rate limiting
-
StartAPI5:2019 Broken Function Level Authorization
-
StartAPI6:2019 Mass Assignment
-
StartAPI7:2019 Security Misconfiguration
-
StartAPI8:2019 Injection
-
StartAPI9:2019 Improper Assets Management
-
StartAPI10:2019 Insufficient Logging & Monitoring
Videos: API top 10 demonstrations
Available in
days
days
after you enroll
-
StartA1 - Broken level authorization (2:19)
-
StartA2 - Broken authentication (0:55)
-
StartA3 - Excessive information disclosure (1:02)
-
StartA4 - lack of rate limiting (0:46)
-
StartA5 - broken function level authorization (2:13)
-
StartA6 - Mass assignment (2:16)
-
StartA7 - Security misconfiguration (0:33)
-
StartA8 - Injections (1:20)
-
StartA9 - Improper asset management (1:01)
-
StartA10 - Insufficient logging and monitoring (1:13)
-
StartTop10.zip
Frequently Asked Questions
When does the course start and finish?
The course starts now and never ends! It is a completely self-paced online course - you decide when you start and when you finish.
How long do I have access to the course?
How does lifetime access sound? After enrolling, you have unlimited access to this course for as long as you like - across any and all devices you own.
What if I am unhappy with the course?
We would never want you to be unhappy! If you are unsatisfied with your purchase, contact us in the first 30 days and we will give you a full refund.