Topics of Interest: vAPI: Vulnerable Adversely Programmed Interface (OWASP API Top 10) - T. Kulkarni
SPEAKER
Tushar Kulkarni
ABSTRACT
We have seen developers move from a traditional 2-tier application architecture to a 3-tier architecture that involves an API talking to front-end and backend services. The API used or developed might ease the development process, but many vulnerabilities can arise if it is not developed or configured properly. vAPI is a vulnerable interface in a lab-like environment that mimics the scenarios from the OWASP API Top 10 and helps the user understand and exploit the vulnerabilities according to the OWASP API Top 10 2019. It might be useful for developers as well as penetration testers who want to understand the types of vulnerabilities in APIs. The lab is divided into 10 exercises that sequentially demonstrate the vulnerabilities and give a flag if exploited successfully.
Managed by the OWASP® Foundation