This badge was issued to Remco Bijlsma on 15 Feb 2024.

API Penetration Testing
  • Type Learning
  • Level Advanced
  • Time Weeks
Additional Details

API Penetration Testing

Issued by APIsec University

The API Penetration Testing course provides hands-on instruction on testing APIs for security flaws. Participants in the course have learned specific, detailed tools and techniques for analyzing, testing and identifying API vulnerabilities. The skills learned include API reconnaissance, scanning, auditing JSON Web Tokens, performing authentication and authorization attacks, and exploiting other common API weaknesses like injection, mass assignment, and server-side request forgery.

  • Type Learning
  • Level Advanced
  • Time Weeks
Additional Details

Skills

Earning Criteria

  • Completed all 12 training modules - total of 12 hours
  • Passed all 11 module Quizzes with 100% score
  • Passed all 6 Assessments with 100% score

Standards

OWASP API Security Top 10
APIs expose application logic and sensitive data such as Personally Identifiable Information (PII) and because of this, APIs have increasingly become a target for attackers. Without secure APIs, rapid innovation would be impossible.
Hacking APIs
The book that teaches you how to test web APIs for security vulnerabilities. You’ll learn how APIs work in the wild. Then you’ll set up a streamlined API testing lab and perform common attacks, like those targeting an API’s authentication mechanisms, and the injection vulnerabilities commonly found in web applications.