API Security Testing Guide by The XSS Rat

Learn how to build and break an API in record time including the API top 10

Rating: 4.05 (260 reviews)
Platform: Udemy
Language: English
Category: Network & Security
Students: 43,728
Content: 5 hours
Last update: Jun 2022
Regular price: $49.99

What you will learn

Build your own API to hack

Protect an API with a firewall

The OWASP API top 10 vulnerabilities

API hacking with postman

Description

About the course

In this course we will be teaching you a very important way of hacking and building APIs with practical labs and examples. You will get a feel for these issues sooner than you can say "API".

With the rise of software and web applications we need to make sure to protect them as carefully as possible. This guide will be your handbook on this journey, whether you are a tester, a manager or a software developer.

We will bring you from a beginner to an advanced level in no time, and with our practical examples you will even learn how to use and install an API firewall.

About me

I am the XSS Rat, an experienced ethical hacker who stands for quality and who believes knowledge is a building block we can all use to grow bigger than we ever were. As a software tester I have a unique skill set that centres around logic flaws and IDORs, which I have not seen very much from other hunters. This gives me the advantage of finding fewer duplicates and maximising my chance of finding a vulnerability by picking the correct target and applying the correct test strategy.

What will you learn?

- The OWASP API top 10

- Building and hacking an API

- How to install an API firewall

- Hacking APIs with postman

Who is this course for?

I explain everything as clearly as possible in this course so everyone with even a basic understanding of technical topics can understand what can go wrong and how to prevent it.

Content

PDFs: OWASP API TOP 10

API0.2019: What is an API
API1:2019 Broken Object Level Authorization
API2:2019 Broken User Authentication
API3:2019 Excessive Data Exposure
API4:2019 Lack of rate limiting
API5:2019 Broken Function Level Authorization
API6:2019 Excessive Data Exposure
API7:2019 Security Misconfiguration
API8:2019 Injection
API9:2019 Improper Assets Management
API10:2019 Insufficient Logging & Monitoring

Video's: OWASP API TOP 10

API top 10 - 0 through 3
OWASP API TOP 10 - 4 to 7
API8-2019 Injection
API9-2019 improper asset management
OWASP API top 10 - 10 insufficient logging and monitoring

Building and hacking an API

Let's build an API to hack - Part 1: The basics
Let's build an API to hack - Part 2: Faking it before breaking it
Let's build an API to hack - Part 3: Information disclosure
API roulette - Name the issues

API firewalls

Video: API firewall
API Firewall guide

API Hacking with postman

API hacking with postman Part 1 - getting the basics down
API hacking with postman Part 2 - importing the API description
API hacking with postman Part 3 Pre-request scripts, tests and console
API hacking with postman Part 4 - Getting dirty with data sources

Extra's

API Testing
Swagger and OpenAPI
API Security - Top 10 Best Practices
How to secure your rest API from attackers

Reviews

Michael
October 9, 2023
Overall, I enjoyed this course. Sometimes it was not as easy to follow along and a few links seemed to be broken (section 4 labs).
Matthew
March 6, 2023
Only want to be constructive. But the course could use an editor to tighten up explanations and remove redundancy. It was poorly written and it was hard to make it through. The content he makes on YT is much better.
Dharmendra
January 23, 2023
The example videos of OWASP API Top 10 are very short and poorly made. I wish this course included more hands on and more demo videos with proper step by step explanation on how to perform the attack.
Samir
September 2, 2022
Course with several PDF and text links for the student to read, I don't recommend it, if I knew it was reading, I would have bought a book or read articles much better explained
Venkateshbabu
June 26, 2022
Good course, Author's voice should be loud while explaining the concepts in API hacking with the postman and OWASP Top 10 videos
Ricardo
May 24, 2022
Course with disorganized and messy content, little practical part and video content, only several PDF and text links for the student to read, I don't recommend it, if I knew it was reading, I would have bought a book or read articles much better explained, nor the lab wants to have a hands on showing how to go up, just texts and more texts. Waste of time and money...
Dilipkumar
May 11, 2022
Giving 4 stars because if you are a beginner then this course is for you. The PDF was great over the video lecture. I enjoyed it a lot.
David
September 19, 2021
I really appreciate what the rat is trying to do here really. However, the course content is plagued with grammatical and spelling errors. The sections often repeat themselves. I purchased this course for details on API testing methodology... I missed it or it wasn't communicated clearly at all. If you need a quick intro I would hesitantly recommend this course.
Hasan
September 13, 2021
Everyone knows that the XSS Rat is a good security researcher/bug bounty hunter. However, obviously he is not a good instructor. I am sure he is very good on API security but this course is below average. In the first 2 sections, there are only some notes about OWASP API Top 10. In section 3, I expected to see some demo but he just read his notes and talked. Most of the sections are not completed. I have just expected to see him find some vulnerabilities but there is not. This course could be much better because I know that he has good videos on his YouTube channel. I am really disappointed.

Coupons

| Date | Discount | Status |
| --- | --- | --- |
| 8/20/2021 | 100% OFF | expired |
| 9/4/2021 | 100% OFF | expired |
| 9/14/2021 | 100% OFF | expired |
| 10/26/2021 | 100% OFF | expired |
| 11/4/2021 | 100% OFF | expired |
| 11/6/2021 | 100% OFF | expired |
| 12/5/2021 | 100% OFF | expired |
| 12/15/2021 | 100% OFF | expired |
| 1/5/2022 | 100% OFF | expired |
| 2/4/2022 | 100% OFF | expired |
| 3/8/2022 | 100% OFF | expired |
| 8/31/2022 | 100% OFF | expired |
| 9/11/2022 | 100% OFF | expired |


Udemy ID: 4252806
Course created date: 8/20/2021
Course indexed date: 8/20/2021
Course submitted by: Bot