Professionally Evil API Testing: AAA and Keys are Not Just for Cars
March 13, 2024 @ 12:00 pm – 4:00 pm EDT
Instructor: Jennifer Shannon
Course Length: 4 Hours
Note: This is a Pay-What-You-Can course. Your access to the Cyber Range will vary depending on how much you pay. (Details below.)
Pricing:
Clicking on this button will take you to our registration form on Cvent.
Course Description
This course will teach you how to test web APIs for authorization and access control related security flaws. You will learn how to map API functionality, identify authentication and authorization flaws, and exploit common API vulnerabilities. You will also gain hands-on experience with tools and techniques for testing API authorization mechanisms and access control models. By the end of this course, you will be able to:
- Perform API reconnaissance and endpoint analysis
- Scan APIs for security misconfigurations and excessive data exposure
- Attack API authentication schemes
- Test API authorization mechanisms for vulnerabilities like insecure direct object references and privilege escalation
- Test APIs for rate limiting and business logic flaws
- Combine tools and techniques to exploit API weaknesses
This course is suitable for anyone who wants to learn how to hack web APIs or improve their API security skills. You should have some basic knowledge of web application security, HTTP requests, and common API testing tools.
Pay-What-You-Can and Cyber Range Access
Cyber Range access varies depending on payment level.
| Tuition Paid | Cyber Range Access |
|---|---|
| Less than $295 | No Cyber Range Access |
| $295+ | Six Months Cyber Range Access |
| Full Price – $575 | Twelve Months Cyber Range Access |
Course Instructor
Jennifer is a senior security consultant at Secure Ideas with a background in malware analysis, penetration testing, and teaching. An avid computer geek for most of her life, she began her journey in cybersecurity as a SOC Analyst, where she showed an aptitude for penetration testing and malware analysis. Her background as “blue team” uniquely prepared her for guiding clients through remediation and contextualizing findings for their environment.
She graduated with honors from Florida State College at Jacksonville’s networking program. While pursuing her degree, she dedicated time to teaching computing skills to underrepresented minorities. Jennifer continues to be passionate about teaching and is eager to share her knowledge with anyone who will listen.
