Specialized Testing: API Testing

Focused View

George Smith

56:21

79 View

1. Course Overview

1. Course Overview.mp4

01:19

2. Gathering API Pentesting Intelligence

1. Introduction.mp4

02:04

2. Differences between Webapp and API Pentesting.mp4

03:56

3. New Business Strategy at Globomantics.mp4

01:56

4. Enumerating REST API Endpoints.mp4

11:01

5. Summary.mp4

01:02

3. Analyzing API Response Data

1. Introduction.mp4

00:49

2. Analyzing API Responses and Going Deeper.mp4

12:58

3. Adopting a General Pentesting Approach and Summary.mp4

00:58

4. Crafting Requests to Exploit Vulnerabilities

1. Introduction.mp4

01:15

2. SQL Injection.mp4

04:22

3. Command Injection.mp4

07:49

4. Code Injection.mp4

05:06

5. Course Summary and Next Steps.mp4

01:46

Description

In the age of APIs, ensuring their bullet-proof security is paramount. This course will teach you how to probe APIs for different injection vulnerabilities, gather pentesting information, and use it to potentially exploit such vulnerabilities in APIs

What You'll Learn?

Many APIs today are not subject to sufficient security pentesting. The main reason usually centers around lack of knowledge for conducting pentesting specifically targeted at APIs. In this course, Specialized Testing: API Testing, you’ll learn to pentest APIs for injection vulnerabilities. First, you’ll explore gathering potential vulnerability information from response payloads of your API. Next, you’ll discover how to interpret this data to glean valuable pentesting information. Finally, you’ll learn how to use that information to pentest the API's vulnerable endpoints. When you’re finished with this course, you’ll have the skills and knowledge of performing pentesting for different injection types needed to protect your APIs by mitigating or completely eliminating its injection vulnerabilities.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Software Testing

Automation Testing

API Testing

Software Engineering

George Smith

Instructor's Courses

George Smith has spent more than 25 years in the IT industry. During this time he has held a variety of positions, starting with web UI development and business analysis, progressing with system administration and infrastructure, then switching to core systems programming, technical consulting, and finally becoming an E-Commerce Architect and Subject Matter Expert. He is well versed in modern trends like Containerization, Infrastructure as Code, Serverless computing models, and more. George demonstrates a passion for cutting-edge system design leveraging the latest in tech to help enterprises achieve their desired business results. He has recently published "IT Career Paths: Take the Helicopter" on Amazon KDP. George holds a Master in IT degree from Bentley University (Boston, MA) and Master in Business Administration from the University of Ottawa.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.