Hacking APIs: Breaking Web Application Programming Interfaces
By:
- Synopsis
- Hacking APIs is a crash course in web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure. You'll learn how REST and GraphQL APIs work in the wild and set up a streamlined API testing lab with Burp Suite and Postman. Then you'll master tools useful for reconnaissance, endpoint analysis, and fuzzing, such as Kiterunner and OWASP Amass. Next, you'll learn to perform common attacks, like those targeting an API's authentication mechanisms and the injection vulnerabilities commonly found in web applications. You'll also learn techniques for bypassing protections against these attacks. In the book's nine guided labs, which target intentionally vulnerable APIs, you'll practice:
  - Enumerating API users and endpoints using fuzzing techniques
  - Using Postman to discover an excessive data exposure vulnerability
  - Performing a JSON Web Token attack against an API authentication process
  - Combining multiple API attack techniques to perform a NoSQL injection
  - Attacking a GraphQL API to uncover a broken object level authorization vulnerability

  By the end of the book, you'll be prepared to uncover those high-payout API bugs other hackers aren't finding and improve the security of applications on the web.
- Copyright:
- 2022
Book Details
- Book Quality:
- Publisher Quality
- Book Size:
- 308 Pages
- ISBN-13:
- 9781718502451
- Related ISBNs:
- 9781718502444
- Publisher:
- No Starch Press
- Date of Addition:
- 11/22/22
- Copyrighted By:
- Corey Ball.
- Adult content:
- No
- Language:
- English
- Has Image Descriptions:
- No
- Categories:
- Nonfiction, Computers and Internet
- Submitted By:
- Bookshare Staff
- Usage Restrictions:
- This is a copyrighted book.