Your cart is empty now.
$59.99
Availability: 0 left in stock
Hacking APIs is a crash course in web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure.
Hacking APIs is a crash course on web...- Name : Hacking APIs: Breaking Web Application Programming Interfaces
- Vendor : No Starch Press
- Type : Books
- Manufacturing : 2024 / 08 / 11
- Barcode : 9781718502444
Guaranteed safe checkout:
Hacking APIs is a crash course in web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure. Hacking APIs is a crash course on web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure. You'll learn how REST and GraphQL APIs work in the wild and set up a streamlined API testing lab with Burp Suite and Postman. Then you'll master tools useful for reconnaissance, endpoint analysis, and fuzzing, such as Kiterunner and OWASP Amass. Next, you'll learn to perform common attacks, like those targeting an API's authentication mechanisms and the injection vulnerabilities commonly found in web applications. You'll also learn techniques for bypassing protections against these attacks. In the book's nine guided labs, which target intentionally vulnerable APIs, you'll practice:
Enumerating APIs users and endpoints using fuzzing techniques Using Postman to discover an excessive data exposure vulnerability Performing a JSON Web Token attack against an API authentication process Combining multiple API attack techniques to perform a NoSQL injection Attacking a GraphQL API to uncover a broken object level authorization vulnerability
By the end of the book, you'll be prepared to uncover those high-payout API bugs other hackers aren't finding and improve the security of applications on the web.
Author: Corey J. Ball
Binding Type: Paperback
Publisher: No Starch Press
Published: 07/12/2022
Pages: 368
Weight: 1.5lbs
Size: 9.10h x 6.90w x 0.80d
ISBN: 9781718502444
About the Author
Corey Ball is a cybersecurity consulting manager at Moss Adams, where he leads its penetration testing services. He has over ten years of experience working in IT and cybersecurity across several industries, including aerospace, agribusiness, energy, financial tech, government services, and healthcare. In addition to a bachelor's degree in English and philosophy from Sacramento State University, Corey holds the OSCP, CCISO, CEH, CISA, CISM, CRISC, and CGEIT industry certifications.
By the end of the book, you'll be prepared to uncover those high-payout API bugs other hackers aren't finding and improve the security of applications on the web.
Author: Corey J. Ball
Binding Type: Paperback
Publisher: No Starch Press
Published: 07/12/2022
Pages: 368
Weight: 1.5lbs
Size: 9.10h x 6.90w x 0.80d
ISBN: 9781718502444
About the Author
Corey Ball is a cybersecurity consulting manager at Moss Adams, where he leads its penetration testing services. He has over ten years of experience working in IT and cybersecurity across several industries, including aerospace, agribusiness, energy, financial tech, government services, and healthcare. In addition to a bachelor's degree in English and philosophy from Sacramento State University, Corey holds the OSCP, CCISO, CEH, CISA, CISM, CRISC, and CGEIT industry certifications.
Ezra's Archive Does not ship outside of the United States
Delivery Options:
1. Economy:
Estimated Delivery Time - 5 to 8 Business Days
Shipping Cost - $4.15
2. USPS Priority:
Estimated Delivery Time - 1 to 3 Business Days
Shipping Cost - $8.85
3. Free Economy Shipping: Only Applicable to Orders over $60
Returns and Refunds:
Purchased items are not eligible to be returned. However, a refund or item replacement may be granted should an item be damaged or misplaced during shipping. To make a refund or replacement claim please contact us via email at Ezra'sArchive@outlook.com