Companies Home Search Profile
TrainingHub TrainingHub

Breaking APIs: An Offensive API Pentesting Course

Focused View

Vivek Pandit

5:12:49

0 View
  • 1 - Introduction.mp4
    04:13
  • 2 - API-Pentesting-Mindmap-ATTACK.pdf
  • 2 - API-Pentesting-Mindmap-HTML.html
  • 2 - Breaking-APIs-An-Offensive-API-Pentesting-Course.pdf
  • 2 - Introduction to APIs.mp4
    08:20
  • 2 - What is an API.txt
  • 3 - What are REST APIs.mp4
    04:10
  • 3 - What is a REST API.txt
  • 4 - Web Application Fundamentals.mp4
    11:21
  • 5 - Statefull and Stateless HTTP Reqests.mp4
    02:17
  • 5 - Stateful vs stateless.txt
  • 6 - Types of APIs.mp4
    06:40
  • 7 - API Authentication Process.mp4
    05:42
  • 8 - What Is API Pentesting.mp4
    02:50
  • 9 - Lab Setup and Lab Overview.mp4
    06:55
  • 10 - Burpsuite Configurations.mp4
    03:09
  • 10 - Portswigger Website.txt
  • 11 - Postman Dowload and Setup.mp4
    04:17
  • 11 - Postman Download.txt
  • 12 - Postman Introduction.mp4
    08:47
  • 13 - Introduction Of Active and Passive Recon.mp4
    01:54
  • 14 - Active Recon.mp4
    13:21
  • 15 - Passive Recon.mp4
    23:56
  • 16 - API Endpoint Analysis.mp4
    13:58
  • 17 - Broken Object Level Authorization Overview.mp4
    17:34
  • 18 - Broken Object Level Authorization Practical 1.mp4
    07:35
  • 19 - Broken Object Level Authorization Practical 2.mp4
    06:36
  • 20 - Task.html
  • 21 - Broken Authentication Overview.mp4
    09:48
  • 22 - Broken Authentication Practical 1.mp4
    04:53
  • 23 - Broken Authentication Practical 2.mp4
    06:59
  • 24 - Task.html
  • 25 - JSON Web Token Attacks and Vulnerabilities Overview.mp4
    08:30
  • 26 - JSON Web Token Attacks Practical.mp4
    08:56
  • 27 - Broken Function Level Authorization Overview.mp4
    09:47
  • 28 - Broken Function Level Authorization Practical 1.mp4
    06:46
  • 29 - Broken Function Level Authorization Practical 2.mp4
    03:29
  • 30 - Task.html
  • 31 - Server Side Request Forgery Overview.mp4
    02:40
  • 32 - Server Side Request Forgery Practical 1.mp4
    03:08
  • 33 - Server Side Request Forgery Practical 2.mp4
    01:29
  • 34 - Task.html
  • 35 - Excessive Data Exposure Overview.mp4
    06:44
  • 36 - Excessive Data Exposure Practical 1.mp4
    04:43
  • 37 - Excessive Data Exposure Practical 2.mp4
    04:50
  • 38 - Task.html
  • 39 - Lack of Resource and Rate Limiting Overview.mp4
    04:44
  • 40 - Lack of Resource and Rate Limiting Practical 1.mp4
    02:54
  • 41 - Lack of Resource and Rate Limiting Practical 2.mp4
    03:50
  • 42 - Task.html
  • 43 - Mass Assignment Overview.mp4
    08:03
  • 44 - Mass Assignment Practical 1.mp4
    02:23
  • 45 - Mass Assignment Practical 2.mp4
    03:19
  • 46 - Task.html
  • 47 - Injection Attacks Overview.mp4
    03:22
  • 48 - Injection Attacks Practical 1.mp4
    06:32
  • 49 - Injection Attacks Practical 2.mp4
    05:49
  • 50 - Task.html
  • 51 - Improper Assets Management Overview.mp4
    05:18
  • 52 - Improper Assets Management Practical 1.mp4
    09:12
  • 53 - Improper Assets Management Practical 2.mp4
    05:08
  • 54 - Task.html
  • 55 - Security Misconfigurations Overview.mp4
    05:56
  • 56 - Security Misconfigurations Practical 1.mp4
    02:18
  • 57 - Security Misconfigurations Practical 2.mp4
    03:08
  • 58 - Task.html
  • 59 - Insufficient Logging and Monitoring Overview.mp4
    03:06
  • 60 - Insufficient Logging and Monitoring Practical 1.mp4
    00:51
  • 61 - Task.html
  • 62 - Bonus lecture.mp4
    00:39

    • Description

    Offensive API Pentesting: Identify Vulnerabilities, Attack Weaknesses, and Enhance Defenses With Offensive Pentesting.

    What You'll Learn?

    • Understand API Security Concepts
    • Identify and Exploit Common API Vulnerabilities
    • Perform Advanced API Pentesting Techniques
    • Report Findings and Provide Remediation Recommendations

    Who is this for?

  • Security Consultants
  • Penetration Testers
  • Developers and DevOps Engineers
  • Cybersecurity Professionals

    • What You Need to Know?

  • Basic Understanding of Web Technologies
  • Knowledge of Cybersecurity Concepts
  • Basic Understanding of Web Vulnerabilities

    • More details

    Description

    APIs are the backbone of modern applications, enabling seamless interactions between services. However, their increasing presence makes them a prime target for attackers. "Breaking APIs: An Offensive API Pentesting Course" is designed to equip you with the offensive API pentesting skills necessary to find and exploit security flaws before malicious actors do.

    This course begins with the fundamentals of API architecture and HTTP protocols, followed by hands-on techniques for API enumeration and testing. You will explore essential tools like Postman and Burp Suite, learning how to map APIs and uncover potential weaknesses. Progressing into more advanced concepts, you will dive into common API security vulnerabilities, such as broken authentication, broken authorization, and misconfigurations.

    The course aligns with the OWASP API Security Top 10, tackling real-world vulnerabilities like Broken Object Level Authorization (BOLA), excessive data exposure, mass assignment, injection attacks, and improper asset management. Each module is designed to give you practical, hands-on experience in finding and exploiting these vulnerabilities, reinforcing your skills through detailed labs and challenges.

    Whether you’re a penetration tester, security analyst, or developer, "Breaking APIs: An Offensive API Pentesting Course" will arm you with the skills and knowledge to secure APIs in today's threat landscape. By the end of this course, you will be prepared to conduct thorough API pentests, identify security risks, and protect sensitive data from emerging threats.

    Who this course is for:

    • Security Consultants
    • Penetration Testers
    • Developers and DevOps Engineers
    • Cybersecurity Professionals

    User Reviews
    Rating
    0
    0
    0
    0
    0
    average 0
    Total votes0
    Focused display
    Category

    Penetration Testing

    Vivek Pandit
    Vivek Pandit
    Instructor's Courses
    That's great to hear that Vivek Pandit is a successful ethical hacker who is providing his services to both government and private sectors in India. It's also impressive that he holds certifications like OSCP, CEH, and CISSP which are highly respected in the information security industry.Furthermore, training more than 25000 students worldwide is a significant achievement and demonstrates his dedication to sharing his knowledge and expertise with others. It's important to have skilled professionals in the field of ethical hacking to help protect organizations from cyber threats and vulnerabilities.Overall, it's encouraging to see individuals like Vivek Pandit making a positive impact in the cybersecurity industry, and I wish him continued success in his career.
    Udemy
    Udemy
    View courses Udemy
    Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.
    • language english
    • Training sessions 51
    • duration 5:12:49
    • Release Date 2024/12/03

    Courses related to Penetration Testing

    Cloud Pentesting Bootcamp
    INECloud Pentesting Bootcamp
    6:03:04
    08/13/2023
    Subtitle
    API Security with the OWASP API Security Top 10
    Pluralsight Chris Behrens
    Chris Behrens
    API Security with the OWASP API Security Top 10
    1:59:42
    English subtitles
    09/30/2023
    eCTHPv2 - Threat Hunting Professional - eLearnSecurity
    INEeCTHPv2 - Threat Hunting Professional - eLearnSecurity
    3:48:17
    08/21/2023