Cover Image
Read Now

Hacking APIs breaking web application programming interfaces

"Teaches how to penetration-test APIs, make APIs more secure, set up a streamlined API testing lab with Burp Suite and Postman, and master tools for reconnaissance, endpoint analysis, and fuzzing. Topics covered include REST and GraphQL APIs, API authentication mechanisms, vulnerabilities, and...

Full description

Bibliographic Details
Main Author: Ball, Corey
Format: eBook
Language:English
Published: San Francisco No Starch Press 2022
Subjects:
Logiciels D'application / Développement
Application Program Interfaces (computer Software) / Http://id.loc.gov/authorities/subjects/sh98004527
Application Software / Development / Fast
Apis (interfaces) / Aat
Application Program Interfaces (computer Software) / Fast
Interfaces De Programmation D'applications
Application Software / Development / Http://id.loc.gov/authorities/subjects/sh95009362
Online Access:
Collection: O'Reilly - Collection details see MPG.ReNa
Table of Contents:
  • Preparing for API security testing
  • How web applications work
  • The anatomy of web APIs
  • API insecurities
  • Setting up vulnerable API targets for testing
  • Analysis and attribution
  • Discovering APIs
  • Endpoint analysis
  • Authentication attacks
  • Fuzzing
  • Exploiting API authorization
  • Exploiting mass assignment
  • API injection
  • Evasive techniques and rate limit testing
  • Hacking APIs
  • Breaches and bounties

Similar Items