Hacking APIs is a crash course in web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure.
Table of contents
Foreword
Acknowledgments
Introduction

PART I: HOW WEB API SECURITY WORKS
Chapter 0: Preparing for Your Security Tests
Chapter 1: How Web Applications Work
Chapter 2: The Anatomy of Web APIs
Chapter 3: Common API Vulnerabilities

PART II: BUILDING AN API TESTING LAB
Chapter 4: Your API Hacking System
Chapter 5: Setting Up Vulnerable API Targets

PART III: ATTACKING APIs
Chapter 6: Discovery
Chapter 7: Endpoint Analysis
Chapter 8: Attacking Authentication
Chapter 9: Fuzzing
Chapter 10: Exploiting Authorization
Chapter 11: Mass Assignment
Chapter 12: Injection

PART IV: REAL-WORLD API HACKING
Chapter 13: Applying Evasive Techniques and Rate Limit Testing
Chapter 14: Attacking GraphQL
Chapter 15: Data Breaches and Bug Bounties

Conclusion