Join us for Wild West Hackin’ Fest Mile High conference! Register Here

Professionally Evil API Testing: A Practical Course for Beginners with Jennifer Shannon

Course Authored by .

Professionally Evil API Testing A Practical Course for Beginners with Jennifer Shannon

If you want to learn how to perform security testing on web applications that use application programming interfaces (APIs), this course is for you.

Course Length: 12 Hours

Includes a Certificate of Completion



Enroll Now

Next scheduled date: Content is loading, please wait.

Description

If you want to learn how to perform security testing on web applications that use application programming interfaces (APIs), this course is for you.

APIs are the connective tissue responsible for transferring information between systems, both internally and externally. They are also a common target for cyberattacks, as they can expose sensitive data, application logic, and internal infrastructure. In this course, you will learn the basics of API penetration testing, including:

  • What is an API and how it works
  • What are the common types of APIs (SOAP, REST, and GraphQL) and their differences
  • What are some of the most common security risks and vulnerabilities of APIs
  • How to use tools and techniques to test APIs for security issues

By the end of this course, you will be able to conduct a basic API pen test using a systematic approach and industry best practices. You will also gain hands-on experience with popular tools such as Postman, Burp Suite, Nmap, and OWASP ZAP. This course is suitable for beginners who have some knowledge of web application security and want to expand their skills to API security testing. Check out our other Secure Ideas courses here.

  • Student Requirements
    • Students will need a computer capable of running the local SamuraiWTF VM lab environment.
    • Please note: Students using Mac devices with M1/M2/M2/M4 chipsets may not be able to run the preconfigured virtual machine due to hardware compatibility issues.

FAQ

Key Takeaways

Explore OWASP API Security Top 10 2019
How to attack REST APIs
How to prevent API security flaws
Explore and attack OAuth and JWTs
Understand that strong data validation is key to API security

Who Should Take This Course

Anyone with an interest in REST API security will benefit from this course. The course is aimed at teaching students how to think about REST API security from an attacker mindset, which is useful for defenders and attackers alike.

What Each Student Will Be Provided With

Students will be provided access to download an OVA image of the SamuraiWTF lab environment virtual machine. Students will be able to continue to use this VM after the course to practice labs on their own time.

About the Instructor

Pixel splash background
Jennifer Shannon
Jennifer Shannon
"Known Bad Actor"
Bio

Jennifer is a Senior Security Consultant with Secure Ideas with a background in malware analysis, penetration testing, and teaching. She graduated with honors from Florida State College at Jacksonville’s networking program. An avid computer geek for most of her life, she began her journey in cybersecurity as a SOC Analyst where she showed an aptitude for both penetration testing and malware analysis. She was quickly promoted into a role that capitalized on her abilities.

Related products

Shopping Cart

No products in the cart.