API Attacks & Defense


API Attacks & Defense
- متوسط
- مسیر قرمز
- ۳ درس
دربارهی این دوره
این دوره به چه افرادی توصیه میشود؟
- برنامهنویسان وب
- علاقهمندان به تست نفوذ و هانت آسیبپذیریهای API
برای حضور در این دوره چه دانشهایی باید داشته باشم؟
- آشنایی با حملههای رایج وب
- حداقل یک سال سابقهی کاری در حوزهی تست نفوذ وب
سرفصلهای دوره
-
Modern APIs
-
API Styles
-
REST
-
gRPC & tRPC
-
GraphQL
-
-
API Design
-
REST API Design
-
gRPC & tRPC Design
-
GraphQL Design
-
-
API Implementation
-
-
API Recon
-
API Recon Methodology
-
Internal & External APIs
-
REST & RPC
-
Public Endpoints
-
Hidden Endpoints
-
Mapping API Endpoints
-
Fuzzing API Endpoints
-
-
GraphQL
-
GraphQL Engine Analysis
-
GraphQL IDE
-
Graph Mapping
-
Graph Fuzzing
-
Attack Surface Analysis
-
-
API Key Disclosure
-
GitHub
-
Application
-
-
-
API Attacks & Defense
-
Broken Object Property Level Authorization
-
Root Cause Analysis
-
Attack Scenarios & Hunting Methodology
-
Defense Techniques
-
-
Broken Function Level Authorization
-
Root Cause Analysis
-
Attack Scenarios & Hunting Methodology
-
Defense Techniques
-
-
Broken Object Level Authorization
-
Root Cause Analysis
-
Attack Scenarios & Hunting Methodology
-
Defense Techniques
-
-
Broken Authentication
-
JWT Attack Scenarios
-
Weak Passwords
-
Weak Implementation of Reset Password
-
-
Injection
-
Root Cause Analysis
-
Attack Scenarios & Hunting Methodology
-
Defense Techniques
-
-
SSRF
-
Root Cause Analysis
-
Attack Scenarios & Hunting Methodology
-
Defense Techniques
-
-
Improper Inventory Management
-
Root Cause Analysis
-
Attack Scenarios & Hunting Methodology
-
Defense Techniques
-
-
Unsafe Consumption of APIs
-
Root Cause Analysis
-
Attack Scenarios & Hunting Methodology
-
Defense Techniques
-
-
Unrestricted Resource Consumption
-
Root Cause Analysis
-
Attack Scenarios & Hunting Methodology
-
Defense Techniques
-
-
Unrestricted Access to Sensitive Business Flows
-
Root Cause Analysis
-
Attack Scenarios & Hunting Methodology
-
Defense Techniques
-
-
گواهینامهی دوره
