•  Retrait gratuit dans votre magasin Club
  •  7.000.000 titres dans notre catalogue
  •  Payer en toute sécurité
  •  Toujours un magasin près de chez vous     
  •  Retrait gratuit dans votre magasin Club
  •  7.000.000 titres dans notre catalogue
  •  Payer en toute sécurité
  •  Toujours un magasin près de chez vous

Livres

Ebooks

Papeterie

Jeux

Cadeaux

Tous les produits

Dédicaces

Jobs

Articles

  1. Accueil
  2. Livres
  3. Savoirs
  4. Informatique
  5. Programmation
  6. Web
  7. Hacking APIs

Hacking APIs

Breaking Web Application Programming Interfaces

Corey J Ball
Livre broché | Anglais
83,45 €
+ 166 points
Livraison 1 à 4 semaines
Passer une commande en un clic
Payer en toute sécurité
Livraison en Belgique: 3,99 €
Livraison en magasin gratuite

Description

Hacking APIs is a crash course in web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure.

Hacking APIs is a crash course on web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure.

You'll learn how REST and GraphQL APIs work in the wild and set up a streamlined API testing lab with Burp Suite and Postman. Then you'll master tools useful for reconnaissance, endpoint analysis, and fuzzing, such as Kiterunner and OWASP Amass. Next, you'll learn to perform common attacks, like those targeting an API's authentication mechanisms and the injection vulnerabilities commonly found in web applications. You'll also learn techniques for bypassing protections against these attacks.

In the book's nine guided labs, which target intentionally vulnerable APIs, you'll practice:
  • Enumerating APIs users and endpoints using fuzzing techniques
  • Using Postman to discover an excessive data exposure vulnerability
  • Performing a JSON Web Token attack against an API authentication process
  • Combining multiple API attack techniques to perform a NoSQL injection
  • Attacking a GraphQL API to uncover a broken object level authorization vulnerability

    • By the end of the book, you'll be prepared to uncover those high-payout API bugs other hackers aren't finding and improve the security of applications on the web.

    Spécifications

    Parties prenantes

    Auteur(s) :
    Corey J Ball
    Editeur:
    No Starch Press

    Contenu

    Nombre de pages :
    368
    Langue:
    Anglais

    Caractéristiques

    EAN:
    9781718502444
    Date de parution :
    12-07-22
    Format:
    Livre broché
    Format numérique:
    Trade paperback (VS)
    Dimensions :
    175 mm x 231 mm
    Poids :
    680 g

    Les avis