Ethical Hacking of RESTful and GraphQL APIs Training Course

Become a Successful REST API and GraphQL API Penetration Tester and Bug Bounty Hunter!
4.60 (26 reviews)
Udemy
platform
English
language
Network & Security
category
Martin Voelk
instructor
Ethical Hacking of RESTful and GraphQL APIs Training Course
250
students
5.5 hours
content
Jan 2025
last update
$79.99
regular price

What you will learn

RESTful API vulnerabilities

GraphQL API vulnerabilities

Basic web application vulnerabilities

Basic mobile application vulnerabilities

Getting started in web application bug bounty

Getting started in mobile application bug bounty

REST API Introduction

REST API Discovery and Recon

REST API Enumeration

REST API Broken Object Level Authorization (BOLA)

REST API Broken Authentication

REST API Broken Object Property Level Authorization

REST API Excessive Data Exposure

REST API Mass Assignment

REST API Unrestricted Resource Consumption

REST API Broken Function Level Authorization (BLFA)

REST API Unrestricted Access to Sensitive Business Flows

REST API Server Side Request Forgery (SSRF)

REST API Security Misconfiguration

REST API Improper Inventory Management

REST API Unsafe Consumption of APIs

REST API Server-side parameter pollution

GraphQL Introduction

What is GraphQL

GraphQL Key terminologies

GraphQL Burp extensions

GraphQL Wordlists

GraphQL Payloads

GraphQL Tools

GraphQL API Attack Surface, Recon, Enumeration

GraphQL Attack Surface Analysis

GraphQL GET requests and the issues

GraphQL POST requests

GraphQL Information Disclosure

GraphQL Introspection

GraphQL GET vs. POST Introspection

GraphQL Introspection filter bypass example

GraphQL Non-prod GraphQL endpoints

GraphQL Field Suggestion

GraphQL Automating Field Suggestion

GraphQL Field Stuffing

GraphQL Abusing Error Messages

GraphQL IDE

GraphQL DoS

GraphQL Deep Recursion Query Attack

GraphQL Circular Fragment Vulnerabilities

GraphQL Batch Query Attacks / Resource Intensive Query Attacks

GraphQL Field Duplication Attacks

GraphQL Alias based attacks (DoS scenario)

GraphQL Directive Overloading

GraphQL Object Limit Overriding

GraphQL Array-Based Query Batching

GraphQL Authentication and Authorization attacks

GraphQL Login functions

GraphQL Bypassing protections

GraphQL Alias based attacks / query batching

GraphQL JWT token forgery

GraphQL Cookie forgery

GraphQL Access control issues and IDORs

GraphQL Injection attacks

GraphQL OS Command Injection

GraphQL SQL Injection

GraphQL HTML Injection

GraphQL XSS (Cross-site scripting)

GraphQL Request Forgery and Hijacking

GraphQL Server-side request forgery (SSRF)

GraphQL Cross-site request forgery (CSRF)

GraphQL GET based CSRF

GraphQL POST based CSRF

GraphQL Cross-Site WebSocket Hijacking (CSWH)

Course Gallery

Ethical Hacking of RESTful and GraphQL APIs Training Course – Screenshot 1
Screenshot 1Ethical Hacking of RESTful and GraphQL APIs Training Course
Ethical Hacking of RESTful and GraphQL APIs Training Course – Screenshot 2
Screenshot 2Ethical Hacking of RESTful and GraphQL APIs Training Course
Ethical Hacking of RESTful and GraphQL APIs Training Course – Screenshot 3
Screenshot 3Ethical Hacking of RESTful and GraphQL APIs Training Course
Ethical Hacking of RESTful and GraphQL APIs Training Course – Screenshot 4
Screenshot 4Ethical Hacking of RESTful and GraphQL APIs Training Course

Loading charts...

5879124
udemy ID
18/03/2024
course created date
29/03/2024
course indexed date
Bot
course submited by