Introduction to API Security Testing

Описание: In this video, I discussed API Security Testing and focused more on why it's essential over functional testing and what are the methodologies, you need to follow to perform this testing and why manual testing is essential over automation while testing any API and discussed what are the vulnerabilities to look for during manual testing.


00:00 - Introduction
00:45 - What is an API?
02:26 - What all of these applications have in common?
03:24 - HTTP Request/Response
04:41 - What is API Security Testing?
06:27 - What type of vulnerability to look for during Testing?
07:23 - Broken Object Level Authorization
10:50 - Broken User Authentication
13:52 - Excessive Data Exposure
16:35 - Lack of Resources & Rate Limiting
19:26 - Broken Function Level Authorization
22:54 - Mass Assignment
26:00 - Security Misconfiguration
28:43 - Injection
31:43 - Improper Assets Management
35:16 - Insufficient Logging & Monitoring
37:53 - Why API Security Testing is important?
40:29 - API Security Testing Methodology
44:35 - Authentication
46:31 - Parameter Tampering
48:26 - Injection
49:48 - HTTP Method Manipulation
51:29 - Fuzzing
53:43 - Manual Testing vs Automation
56:09 - API Security Testing Tools
58:34 - Takeaways
01:01:40 - Thank You

Website - https://hackbotone.com/

Follow me:
Medium: -   / hackbotone  
Facebook: -   / hackbotone  
Twitter: -   / anspattnaik  
Linkedin : -   / anshuman123  
Github: - https://github.com/anshumanpattnaik