CONTENTS:
PART I: HOW WEB API SECURITY WORKS
0: Preparing for Your Security Tests
1: How Web Applications Work
2: The Anatomy of Web APIs
3: Common API Vulnerabilities
PART II: BUILDING AN API TESTING LAB
4: Your API Hacking System
5: Setting Up Vulnerable API Targets
PART III: ATTACKING APIS
6: Discovery
7: Endpoint Analysis
8: Attacking Authentication
9: Fuzzing
10: Exploiting Authorization
11: Mass Assignment
12: Injection
PART IV: REAL-WORLD API HACKING
13: Applying Evasive Techniques and Rate Limit Testing
14: Attacking GraphQL
15: Data Breaches and Bug Bounties