|Hacking APIs (No Starch Press)|
|Wednesday, 07 September 2022|
This book is a crash course on web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure. Corey Ball shows how REST and GraphQL APIs work in the wild and set up a streamlined API testing lab with Burp Suite and Postman, along with how to master tools useful for reconnaissance, endpoint analysis, and fuzzing, such as Kiterunner and OWASP Amass.
The book also covers performing common attacks, like those targeting an API’s authentication mechanisms and the injection vulnerabilities commonly found in web applications, along with techniques for bypassing protections against these attacks.
Author: Corey Ball
Guided Labs include:
For more Book Watch just click.
Book Watch is I Programmer's listing of new books and is compiled using publishers' publicity material. It is not to be read as a review where we provide an independent assessment. Some, but by no means all, of the books in Book Watch are eventually reviewed.
To have new titles included in Book Watch contact BookWatch@i-programmer.info