Fundamentals of Hacking Web API's
Penetration Testing
Web Application Penetration Testing
Ransomware Readiness Assessment
Mobile App Assessment
Remote Access Assessment
Purple Team
Red Team & Adversary Emulation
Let our offense, prepare your defense.
______________________________________________________________
Today, Red Siege breaks down the fundamentals of hacking web APIs.
SiegeCast: "WEB API WEAKNESSES"
Presented by
Charles Shirer ( @bsdbandit )
Penetration testing Web APIs can be difficult without an effective approach, so Charles Shirer is here to provide you with a few tips and tricks! Charles breaks down the fundamentals of hacking Web APIs and the methodology that he has used during his career to perform successful and effective Web API penetration tests over the years.
Follow Us
_______________________________________________________
Twitter: @timmedin
Red Siege is an information security consulting company that concentrates on the latest threats to organizations today. We perform in-depth analysis, determine organization/business risk, and find the vulnerabilities before the bad guys do. Our team includes internationally renowned experts who have been featured in international news outlets and conferences, including The Wall Street Journal, The Washington Post, and a News Channel Asia documentary.
#hacking #infosec #webapi #webapp
00:00 Web API Weaknesses
00:27 About Charles
1:07 Hacking Web API's
1:36 Types of Web API's
3:10 What is REST API?
4:10 REST API Testing Approach
5:47 Understand the API Attack Surface
8:40 API Documentation
9:09 Broken Authentication
9:28 Authentication Bypass
10:58 Testing for SQL Injection
13:13 Validate the Response
14:24 Test for IDOR Attacks
16:27 Test for XML Attacks
16:58 What is XML Injection?
17:15 Test for XML Injection
18:03 XXE Injection Attack
20:02 Testing Brute Force
21:09 Abusing Lack of Rate Limiting
23:22 Finding Sensitive Data Using GET Requests
24:57 Find POST & PUT Requests for Endpoints
26:26 API Security Misconfiguration
28:12 Automated API Fuzzing
30:25 Automated Fuzzing Using Astra
31:50 Automated Fuzzing Using FuzzAPI
33:55 Learning Resources
34:58 Practice Resources
36:04 Questions