Udvidet returret til d. 31. januar 2025

Hacking APIs - Corey J. Ball - Bog

Bag om Hacking APIs

Hacking APIs is a crash course in web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure. Hacking APIs is a crash course on web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure. You’ll learn how REST and GraphQL APIs work in the wild and set up a streamlined API testing lab with Burp Suite and Postman. Then you’ll master tools useful for reconnaissance, endpoint analysis, and fuzzing, such as Kiterunner and OWASP Amass. Next, you’ll learn to perform common attacks, like those targeting an API’s authentication mechanisms and the injection vulnerabilities commonly found in web applications. You’ll also learn techniques for bypassing protections against these attacks. In the book’s nine guided labs, which target intentionally vulnerable APIs, you’ll practice: Enumerating APIs users and endpoints using fuzzing techniquesUsing Postman to discover an excessive data exposure vulnerabilityPerforming a JSON Web Token attack against an API authentication processCombining multiple API attack techniques to perform a NoSQL injectionAttacking a GraphQL API to uncover a broken object level authorization vulnerability By the end of the book, you’ll be prepared to uncover those high-payout API bugs other hackers aren’t finding and improve the security of applications on the web.

Vis mere
  • Sprog:
  • Engelsk
  • ISBN:
  • 9781718502444
  • Indbinding:
  • Paperback
  • Sideantal:
  • 368
  • Udgivet:
  • 12. juli 2022
  • Størrelse:
  • 234x177x28 mm.
  • Vægt:
  • 682 g.
  • Ukendt - mangler pt..

Normalpris

  • BLACK WEEK

Medlemspris

Prøv i 30 dage for 45 kr.
Herefter fra 79 kr./md. Ingen binding.

Beskrivelse af Hacking APIs

Hacking APIs is a crash course in web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure.
Hacking APIs is a crash course on web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure.

You’ll learn how REST and GraphQL APIs work in the wild and set up a streamlined API testing lab with Burp Suite and Postman. Then you’ll master tools useful for reconnaissance, endpoint analysis, and fuzzing, such as Kiterunner and OWASP Amass. Next, you’ll learn to perform common attacks, like those targeting an API’s authentication mechanisms and the injection vulnerabilities commonly found in web applications. You’ll also learn techniques for bypassing protections against these attacks.

In the book’s nine guided labs, which target intentionally vulnerable APIs, you’ll practice:
Enumerating APIs users and endpoints using fuzzing techniquesUsing Postman to discover an excessive data exposure vulnerabilityPerforming a JSON Web Token attack against an API authentication processCombining multiple API attack techniques to perform a NoSQL injectionAttacking a GraphQL API to uncover a broken object level authorization vulnerability
By the end of the book, you’ll be prepared to uncover those high-payout API bugs other hackers aren’t finding and improve the security of applications on the web.

Brugerbedømmelser af Hacking APIs



Find lignende bøger
Bogen Hacking APIs findes i følgende kategorier:

Gør som tusindvis af andre bogelskere

Tilmeld dig nyhedsbrevet og få gode tilbud og inspiration til din næste læsning.