• Lesson 1: Introduction to API
  • Lesson 2: Postman Lab Setup
  • Lesson 3: Preparation for API Pen-Testing
  • Lesson 4: Lab Setup
  • Lesson 5: OWASP API Top 10
  • Lesson 6: SQL Injection
  • Lesson 7: Command Injection
  • Lesson 8: Offensive XXE Exploitation
  • Lesson 9: Server-Side Request Forgery
  • Lesson 10: Cross-Site Scripting
  • Lesson 11: Transport Layer Security Issues
  • Lesson 12: Mass Assignment Attack
  • Lesson 13: Broken Object Level Authorization Issues
  • Lesson 14: File Path Traversal
  • Lesson 15: User Enumeration
  • Lesson 16: Information Disclosure
  • Lesson 17: JSON Web Token
  • Lesson 18: Unauthorized Password Change
  • Lesson 19: Excessive Data Exposure
  • Lesson 20: Lack of Resource & Rate Limiting
  • Lesson 21: Regular Expression DOS Attack
  • Lesson 22: BFLA Issues
  • Lesson 23: Billion Laugh Attack
  • Lesson 24: Hidden API Functionality Exposure
  • Lesson 25: RCE Via Deserialization in API