Master API Pentesting: Offensive Security Pro Course
Focused View
5:12:49
1 - Introduction.mp4
04:13
2 - API-Pentesting-Mindmap-ATTACK.pdf
2 - API-Pentesting-Mindmap-HTML.html
2 - Breaking-APIs-An-Offensive-API-Pentesting-Course.pdf
2 - Introduction to APIs.mp4
08:20
2 - What is an API.txt
3 - What are REST APIs.mp4
04:10
3 - What is a REST API.txt
4 - Web Application Fundamentals.mp4
11:21
5 - Statefull and Stateless HTTP Reqests.mp4
02:17
5 - Stateful vs stateless.txt
6 - Types of APIs.mp4
06:40
7 - API Authentication Process.mp4
05:42
8 - What Is API Pentesting.mp4
02:50
9 - Lab Setup and Lab Overview.mp4
06:55
10 - Burpsuite Configurations.mp4
03:09
10 - Portswigger Website.txt
11 - Postman Dowload and Setup.mp4
04:17
11 - Postman Download.txt
12 - Postman Introduction.mp4
08:47
13 - Introduction Of Active and Passive Recon.mp4
01:54
14 - Active Recon.mp4
13:21
15 - Passive Recon.mp4
23:56
16 - API Endpoint Analysis.mp4
13:58
17 - Broken Object Level Authorization Overview.mp4
17:34
18 - Broken Object Level Authorization Practical 1.mp4
07:35
19 - Broken Object Level Authorization Practical 2.mp4
06:36
20 - Task.html
21 - Broken Authentication Overview.mp4
09:48
22 - Broken Authentication Practical 1.mp4
04:53
23 - Broken Authentication Practical 2.mp4
06:59
24 - Task.html
25 - JSON Web Token Attacks and Vulnerabilities Overview.mp4
08:30
26 - JSON Web Token Attacks Practical.mp4
08:56
27 - Broken Function Level Authorization Overview.mp4
09:47
28 - Broken Function Level Authorization Practical 1.mp4
06:46
29 - Broken Function Level Authorization Practical 2.mp4
03:29
30 - Task.html
31 - Server Side Request Forgery Overview.mp4
02:40
32 - Server Side Request Forgery Practical 1.mp4
03:08
33 - Server Side Request Forgery Practical 2.mp4
01:29
34 - Task.html
35 - Excessive Data Exposure Overview.mp4
06:44
36 - Excessive Data Exposure Practical 1.mp4
04:43
37 - Excessive Data Exposure Practical 2.mp4
04:50
38 - Task.html
39 - Lack of Resource and Rate Limiting Overview.mp4
04:44
40 - Lack of Resource and Rate Limiting Practical 1.mp4
02:54
41 - Lack of Resource and Rate Limiting Practical 2.mp4
03:50
42 - Task.html
43 - Mass Assignment Overview.mp4
08:03
44 - Mass Assignment Practical 1.mp4
02:23
45 - Mass Assignment Practical 2.mp4
03:19
46 - Task.html
47 - Injection Attacks Overview.mp4
03:22
48 - Injection Attacks Practical 1.mp4
06:32
49 - Injection Attacks Practical 2.mp4
05:49
50 - Task.html
51 - Improper Assets Management Overview.mp4
05:18
52 - Improper Assets Management Practical 1.mp4
09:12
53 - Improper Assets Management Practical 2.mp4
05:08
54 - Task.html
55 - Security Misconfigurations Overview.mp4
05:56
56 - Security Misconfigurations Practical 1.mp4
02:18
57 - Security Misconfigurations Practical 2.mp4
03:08
58 - Task.html
59 - Insufficient Logging and Monitoring Overview.mp4
03:06
60 - Insufficient Logging and Monitoring Practical 1.mp4
00:51
61 - Task.html
62 - Bonus lecture.mp4
00:39
More details
Course Overview
This offensive API pentesting course teaches you to identify vulnerabilities, exploit weaknesses, and enhance defenses through hands-on techniques used by security professionals.
What You'll Learn
- Identify and exploit common API vulnerabilities like BOLA and broken authentication
- Perform advanced pentesting techniques including JWT attacks and SSRF
- Generate professional reports with remediation recommendations
Who This Is For
- Security consultants and penetration testers
- Developers and DevOps engineers
- Cybersecurity professionals
Key Benefits
- Practical labs covering OWASP API Security Top 10 risks
- Tool setup guidance for Burp Suite and Postman
- Real-world attack simulations with defense strategies
Curriculum Highlights
- API fundamentals and pentesting methodology
- Broken object/function level authorization attacks
- Injection attacks and security misconfigurations
Focused display
Category
- language english
- Training sessions 51
- duration 5:12:49
- Release Date 2025/06/08
