Hacking APIs

Hacking APIs

Corey J. Ball
0 / 5.0
0 comments
Sukakah Anda buku ini?
Bagaimana kualitas file yang diunduh?
Unduh buku untuk menilai kualitasnya
Bagaimana kualitas file yang diunduh?

An Application Programming Interface (API) is a software connection that allows applications to communicate and share services. Hacking APIs will teach you how to test web APIs for security vulnerabilities. You’ll learn how the common API types, REST, SOAP, and GraphQL, work in the wild. Then you’ll set up a streamlined API testing lab and perform common attacks, like those targeting an API’s authentication mechanisms, and the injection vulnerabilities commonly found in web applications. In the book’s guided labs, which target intentionally vulnerable APIs, you’ll practice:


•Enumerating API users and endpoints using fuzzing techniques
•Using Postman to discover an excessive data exposure vulnerability
•Performing a JSON Web Token attack against an API authentication process
•Combining multiple API attack techniques to perform a NoSQL injection
•Attacking a GraphQL API to uncover a broken object level authorization vulnerability


By the end of the book, you’ll be prepared to uncover those high-payout API bugs that other hackers aren’t finding, and improve the security of applications on the web.

Kategori:
Computers - Programming
Tahun:
2022
Penerbit:
No Starch Press
Bahasa:
english
File:
EPUB, 11.41 MB
IPFS:
CID , CID Blake2b
english, 2022
Membaca daring
Pengubahan menjadi sedang diproses
Pengubahan menjadi gagal

Istilah kunci

 
requests
figure
apis
response
testing
burp
security
payload
server
vulnerabilities
graphql
postman
fuzzing
authentication
documentation
resources
target
authorization
hacking
password
provider
attacks
endpoint
responses
query
key
content
headers
injection
json
users
client
discover
vulnerability
brute
parameters
payloads
search
browser
rate
lab
crapi
vulnerable
tokens
header
wfuzz
scan
url
endpoints
path
resource
sql
finding
input
select
tab
consumer
tools
jwt
proxy

Daftar buku terkait