🔐 OWASP API Hacking

📄Lesson 1: What's an API? 📄Lesson 2: What's an API? (Part 2) 📄Lesson 3: SOAP vs REST 📄Lesson 4: Authentication and Authorization 📄Lesson 5: Authentication - API Keys 📄Lesson 6: Authentication - Basic Auth 📄Lesson 7: Authentication - JWT 📄Lesson 8: Authentication - oAuth 📄Lesson 9: API Architectures 📄Lesson 10: API Documentation 📄Lesson 11: Quiz - Introduction to APIs 📄Lesson 12: Assignment - Introduction to APIs 📄Lesson 13: Curl 📄Lesson 14: Postman 📄Lesson 15: SOAP UI 📄Lesson 16: Python 📄Lesson 17: Quiz - Tools for Interacting with an API 📄Lesson 18: Assignment - Tools for Talking to an API 📄Lesson 19: BOLA - Broken Object Level Authorization 📄Lesson 20: Broken User Authentication 📄Lesson 21: Lack of Rate Limiting 📄Lesson 22: Broken Function Level Authorization 📄Lesson 23: Excessive Data Exposure 📄Lesson 24: Mass Assignment 📄Lesson 25: Security Misconfiguration 📄Lesson 26: Injection 📄Lesson 27: Improper Asset Management 📄Lesson 28: Insufficient Logging and Monitoring 📄Lesson 29: Quiz - Certified API Hacking Expert 📄Lesson 30: Assignment 📄Lesson 31: Broken Level Authorization 📄Lesson 32: Broken Level Authorization (02) 📄Lesson 33: Lack of Rate Limiting 📄Lesson 34: Excessive Information Disclosure 📄Lesson 35: Broken Function Level Authorization 📄Lesson 36: Mass Assignment 📄Lesson 37: Security Misconfiguration 📄Lesson 38: Security Misconfiguration (02) 📄Lesson 39: Injections 📄Lesson 40: Injections (01) 📄Lesson 41: Improper Asset Management 📄Lesson 42: Insufficient Logging & Monitoring 📄Lesson 43: Test Plan 📄Lesson 44: Test Report 📄Lesson 45: Test Debrief Meeting 📄Lesson 46: API Pentesting Documentation 📄Lesson 47: Penetration Testing Report 📄Lesson 48: Quiz 📄Lesson 49: Testing Plan Example 📄Lesson 50: How to Secure REST API from Attackers 📄Lesson 51: Practice Example 📄Lesson 52: Introduction API Hacking CC4