Short Course

API Security Testing Guide by the XSS Rat

Learn how to build and break an API in record time including the API top 10

5 Hours of video content

Beginner

Certificate of Completion Included

Check out Subscription Plans

Overview What You Will Learn Curriculum Instructor

Course Overview

In this course, you will learn a very important way of hacking and building APIs with practical labs and examples. You will get a feel for these issues sooner than you can say "API".

With the rise of software and web applications, we need to make sure to protect them as carefully as possible. This guide will be your handbook in your journey for testers, managers, and software developers. We will bring you from a beginner to an advanced level in no time and with our practical examples, you will even learn how to use and install an API firewall.

By the end, you will be able to build and break an API in record time including the API top 10.

What You Will Learn

Learn how to build your own API to hack.
Learn how to protect an API with a firewall.
Explore the OWASP API top 10 vulnerabilities.
Discover API hacking with postman.

Program Curriculum

API Top 10 - 0 Through 3
OWASP API TOP 10 - 4 to 7
API8-2019 Injection
AP19-2019 Improper Asset Management
OWASP API Top 10 - 10 Insufficient Logging and Monitoring
$7 Million Cybersecurity Scholarship by EC-Council
Chapter 1 Quiz

A1 - Broken Level Authorization
A2 - Broken Authentication
A3 - Excessive Information Disclosure
A4 - Lack of Rate Limiting
A5 - Broken Function Level Authorisation
A6 - Mass Assignment
A7 - Security Misconfiguration
A8 - Injections
A9 - Improper Asset Management
A10 - Insufficient Logging and Monitoring
Chapter 2 Quiz

Let's Build an API to Hack - Part 6: Emulating SQLi and Showing Possible SSTI
Building an API Part 7: API Broken Access Control Through Replacing HTTP Method
REST-API-GOAT: Chain Postman Burp Suite
Hacking an API with Postman - Theory
Postman API Hacking - Tiredful API
Chapter 3 Quiz

Video: API Firewall
Chapter 4 Quiz

API Hacking with Postman Part 1 - Getting the Basics Down
API Hacking with Postman Part 2 - Importing the API Description
API Hacking with Postman Part 3 - Pre-request Scripts, Tests and Console
API Hacking with Postman Part 4 - Getting Dirty with Data Sources
Chapter 5 Quiz

Load more modules

Instructor

Wesley Thijs

He is the XSS Rat, an experienced ethical hacker who stands for quality and who believes knowledge is a building block we can all use to grow bigger than we ever were. As a software test he has a unique skill set that center around logic flaws and IDORs which is not seen very much by other hunters. This gives him the advantage of finding less duplicates and maximizing his chance of finding a vulnerability by picking the correct target and applying the correct test strategy.

Buy this course now

$69.99

Get Immediate access for one year today!

Upgrade to Pro Plans and Get Full Access Today!

Get this course, along with 700+ courses and 50+ learning paths and more in one subscription. Learn more

Unlock All Access

Plans start from $33/mo. Cancel anytime.

Join over 1 Million professionals from the most renowned Companies in the world!

Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Monthly Plans

Annual Plans

Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering extensive resources with 600+ courses and diverse Learning Paths to enhance your skills.

^$ 499.00

Billed annually or $59.00 billed monthly

Get Started Now

Start your 7-day trial for $1

What is included

700+ Premium Short Courses
50+ Structured Learning Paths
Validation of Completion with all courses and learning paths
New Courses added every month

Early Access Offer

Pro +

Experience immersive learning with Practice Labs, CTF Challenges, and exclusive EC-Council certifications for comprehensive skill-building.

^$ 599.00

Billed annually or $69.00 billed monthly

Get Started Now

Start your 7-day trial for $1

Everything in Pro and

800+ Practice Lab exercises with guided instructions
150+ CTF Challenges with detailed walkthroughs
New Practice Labs and Challenges added every month
3 Official EC-Council Essentials Certifications¹ (retails at $897!)
Exclusive Bonus with Annual Plans

¹This plan includes Digital Forensics Essentials (DFE), Ethical Hacking Essentials (EHE), and Network Defense Essentials (NDE) certifications. No other EC-Council certifications are included.

Related Courses

OSINT: Unmasking Online Scams and Fraud

Short Course

OSINT: Unmasking Online Scams and Fraud

Cybersecurity

Master OSINT Techniques to Detect Online Scams, Phishing, Fake Profiles, and Fraudulent Activities for Enhanced Cybersecurity and Informed Decision-Making

Master OSINT Techniques to Detect Online Scams, Phishing, Fak...

$0.00

Beginner

Hello
Implementing and Administering Cisco Solutions: CCNA 200-301

Short Course

Implementing and Administering Cisco Solutions: CCNA 200-301

Cybersecurity

Gain the core skills within the field of Network Engineering to design, configure, troubleshoot and secure enterprise networks.

Gain the core skills within the field of Network Engineering ...

$69.99

Beginner

10 hr 30 m

Hello
WordPress Security - Secure Your Site Against Hackers

Short Course

WordPress Security - Secure Your Site Against Hackers

Cybersecurity

Learn how to protect and secure you Wordpress Website

Learn how to protect and secure you Wordpress Website

$59.99

Beginner

2 hr 30 m

Hello
OSINT - Open-source Intelligence

Short Course

OSINT - Open-source Intelligence

Cybersecurity

Learn about OSINT (Open-source intelligence) from a hacker's point of view

Learn about OSINT (Open-source intelligence) from a hacker's ...

$69.99

Beginner

5 hr 59 m

Hello
Ultimate Privacy by Design Master Course (GDPR, CCPA, Etc.)

Short Course

Ultimate Privacy by Design Master Course (GDPR, CCPA, Etc.)

Cybersecurity

Learn the Privacy by Design process to increase the Privacy posture of your company and better protect data!

Learn the Privacy by Design process to increase the Privacy p...

$69.99

Beginner

5 hr 30 m

Hello
Malware Analysis Fundamentals

Short Course

Malware Analysis Fundamentals

Cybersecurity

Explore how to find, analyze, and reverse engineer malware.

Explore how to find, analyze, and reverse engineer malware.

$59.99

Beginner

4 hr 22 m

Hello
Digital Footprinting

Short Course

Digital Footprinting

Cybersecurity

A Practical Introduction to Digital Footprint Analysis

A Practical Introduction to Digital Footprint Analysis

$69.99

Beginner

4 hr 0 m

Hello
CVE's for Ethical Hacking Bug Bounties & Penetration Testing

Short Course

CVE's for Ethical Hacking Bug Bounties & Penetration T...

Cybersecurity

Complete Practical Course on CVEs for Ethical Hacking Penetration Testing and Bug Bounty Hunting with Live Attacks 2021

Complete Practical Course on CVEs for Ethical Hacking Penetra...

$69.99

Beginner

7 hr 20 m

Hello