Ethical Hacking of RESTful and GraphQL APIs Training Course

Become a Successful REST API and GraphQL API Penetration Tester and Bug Bounty Hunter!
Rating: 4.64 (21 reviews)
Platform: Udemy
Language: English
Category: Network & Security
Students: 210
Content: 5.5 hours
Last update: Jan 2025
Regular price: $79.99

What you will learn

RESTful API vulnerabilities

GraphQL API vulnerabilities

Basic web application vulnerabilities

Basic mobile application vulnerabilities

Getting started in web application bug bounty

Getting started in mobile application bug bounty

REST API Introduction

REST API Discovery and Recon

REST API Enumeration

REST API Broken Object Level Authorization (BOLA)

REST API Broken Authentication

REST API Broken Object Property Level Authorization

REST API Excessive Data Exposure

REST API Mass Assignment

REST API Unrestricted Resource Consumption

REST API Broken Function Level Authorization (BFLA)

REST API Unrestricted Access to Sensitive Business Flows

REST API Server Side Request Forgery (SSRF)

REST API Security Misconfiguration

REST API Improper Inventory Management

REST API Unsafe Consumption of APIs

REST API Server-side parameter pollution

GraphQL Introduction

What is GraphQL

GraphQL Key terminologies

GraphQL Burp extensions

GraphQL Wordlists

GraphQL Payloads

GraphQL Tools

GraphQL API Attack Surface, Recon, Enumeration

GraphQL Attack Surface Analysis

GraphQL GET requests and the issues

GraphQL POST requests

GraphQL Information Disclosure

GraphQL Introspection

GraphQL GET vs. POST Introspection

GraphQL Introspection filter bypass example

GraphQL Non-prod GraphQL endpoints

GraphQL Field Suggestion

GraphQL Automating Field Suggestion

GraphQL Field Stuffing

GraphQL Abusing Error Messages

GraphQL IDE

GraphQL DoS

GraphQL Deep Recursion Query Attack

GraphQL Circular Fragment Vulnerabilities

GraphQL Batch Query Attacks / Resource Intensive Query Attacks

GraphQL Field Duplication Attacks

GraphQL Alias based attacks (DoS scenario)

GraphQL Directive Overloading

GraphQL Object Limit Overriding

GraphQL Array-Based Query Batching

GraphQL Authentication and Authorization attacks

GraphQL Login functions

GraphQL Bypassing protections

GraphQL Alias based attacks / query batching

GraphQL JWT token forgery

GraphQL Cookie forgery

GraphQL Access control issues and IDORs

GraphQL Injection attacks

GraphQL OS Command Injection

GraphQL SQL Injection

GraphQL HTML Injection

GraphQL XSS (Cross-site scripting)

GraphQL Request Forgery and Hijacking

GraphQL Server-side request forgery (SSRF)

GraphQL Cross-site request forgery (CSRF)

GraphQL GET based CSRF

GraphQL POST based CSRF

GraphQL Cross-Site WebSocket Hijacking (CSWH)

Udemy ID: 5879124
Course created date: 3/18/2024
Course indexed date: 3/29/2024
Course submitted by: Bot