Welcome to Mobilarian Forum - Official Symbianize forum.

[predium]

Ethical Hacking of RESTful and GraphQL APIs Training Course
Published 3/2024
Created by Martin Voelk
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz, 2 Ch
Genre: eLearning | Language: English | Duration: 58 Lectures ( 5h 34m ) | 2.93 GB​

Become a Successful REST API and GraphQL API Penetration Tester and Bug Bounty Hunter!

What you'll learn:
RESTful API vulnerabilities
GraphQL API vulnerabilities
Basic web application vulnerabilities
Basic mobile application vulnerabilities
Getting started in web application bug bounty
Getting started in mobile application bug bounty
REST API Introduction
REST API Discovery and Recon
REST API Enumeration
REST API Broken Object Level Authorization (BOLA)
REST API Broken Authentication
REST API Broken Object Property Level Authorization
REST API Excessive Data Exposure
REST API Mass Assignment
REST API Unrestricted Resource Consumption
REST API Broken Function Level Authorization (BLFA)
REST API Unrestricted Access to Sensitive Business Flows
REST API Server Side Request Forgery (SSRF)
REST API Security Misconfiguration
REST API Improper Inventory Management
REST API Unsafe Consumption of APIs
REST API Server-side parameter pollution
GraphQL Introduction
What is GraphQL
GraphQL Key terminologies
GraphQL Burp extensions
GraphQL Wordlists
GraphQL Payloads
GraphQL Tools
GraphQL API Attack Surface, Recon, Enumeration
GraphQL Attack Surface Analysis
GraphQL GET requests and the issues
GraphQL POST requests
GraphQL Information Disclosure
GraphQL Introspection
GraphQL GET vs. POST Introspection
GraphQL Introspection filter bypass example
GraphQL Non-prod GraphQL endpoints
GraphQL Field Suggestion
GraphQL Automating Field Suggestion
GraphQL Field Stuffing
GraphQL Abusing Error Messages
GraphQL IDE
GraphQL DoS
GraphQL Deep Recursion Query Attack
GraphQL Circular Fragment Vulnerabilities
GraphQL Batch Query Attacks / Resource Intensive Query Attacks
GraphQL Field Duplication Attacks
GraphQL Alias based attacks (DoS scenario)
GraphQL Directive Overloading
GraphQL Object Limit Overriding
GraphQL Array-Based Query Batching
GraphQL Authentication and Authorization attacks
GraphQL Login functions
GraphQL Bypassing protections
GraphQL Alias based attacks / query batching
GraphQL JWT token forgery
GraphQL Cookie forgery
GraphQL Access control issues and IDORs
GraphQL Injection attacks
GraphQL OS Command Injection
GraphQL SQL Injection
GraphQL HTML Injection
GraphQL XSS (Cross-site scripting)
GraphQL Request Forgery and Hijacking
GraphQL Server-side request forgery (SSRF)
GraphQL Cross-site request forgery (CSRF)
GraphQL GET based CSRF
GraphQL POST based CSRF
GraphQL Cross-Site WebSocket Hijacking (CSWH)

Requirements:
Basic IT Skills
Basic understanding of web or mobile app technology
No Linux, programming or hacking knowledge required
Computer with a minimum of 4GB ram/memory
Operating System: Windows / Apple Mac OS / Linux
Reliable internet connection
Burp Suite Community (Pro optional)
Firefox Web Browser
Either VMware, Virtual Box, Raspberry PI or similar to run virtual servers

Please, Log in or Register to view codes content!

To view the content, you need to Sign In or Register.

 

[KatzSec DevOps]

predium salamat sa pag contribute. Next time always upload your files sa

Please, Log in or Register to view URLs content!

para siguradong di ma dedeadlink. Let's keep on sharing to keep our community running for good. This community is built for you and everyone to share freely. Let's invite more contributors para mabalik natin sigla ng Mobilarian at tuloy ang puyatan.