API brute force attacks [FREE COURSE CONTENT]

In this video from our API Security: Offence and Defence you will learn what an API brute force attack looks like, and how to perform it. APIs for web applications are growing in numbers by the minute, if you have your eyes on pentesting one this will be a great addition to your arsenal. Dive in! 



API is now being used by every web/mobile/desktop application to communicate with each other. But, as any other technology, it has its strengths and weaknesses. In this course we will focus on REST API and we will go through ​ the techniques used to find weaknesses and exploit them, also the countermeasures​ ​ used​ ​ by​ ​ developers.


What will you learn?

  • API​ ​ Standards​ ​ (e.g.,​ Authentication​, Data​ ​ Exchange​,​ etc.)
  • API​ ​ Attacks​ ​ and​ ​ Countermeasures
  • Brute force attacks on API
  • DDoS attacks on API
  • OAuth attacks on API

What skills will you gain?

  • Practical experience in pentesting​ ​REST API
  • How to implement​ ​ Secure​ ​ API

What will you need?

  • PC with a preferred operating system (Mac OSX 10.5+, Windows 7+, Linux)
  • API​ ​ testing​ ​ tool​ ​ (e.g.,​ ​ PostMan)
  • Proxy​ ​ tool​ ​ (e.g.,​ ​ Burp​ ​ Suite, Fiddler)

What should you know before you join?

  • Previous​ ​ knowledge​ ​ of​ ​ how​ ​ web​ ​ works​ ​ (e.g.,​ ​ HTTP​ ​ Protocol​, HTTP​ ​ Methods​, etc.)
  • ​Understanding​ ​ of basic​ ​ web​ ​ vulnerabilities (e.g., XSS, CSRF, Open Redirect, IDOR, etc.)

Course format: 

  • The course is self-paced – you can visit the training whenever you want and your content will be there.
  • Once you’re in, you keep access forever, even when you finish the course.
  • There are no deadlines, except for the ones you set for yourself.
  • We designed the course so that a diligent student will need about 18 hours of work to complete the training.
  • Your time will be filled with reading, videos, and exercises.

Want to join the course? Get a membership plan >>


Related posts:

April 22, 2020
Subscribe
Notify of
guest
The comment form collects your name, email and content to allow us keep track of the comments placed on the website. Please read and accept our website Terms and Privacy Policy to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013