Hacking APIs is a crash course on web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure.
You'll learn how REST and GraphQL APIs work in the wild and set up a streamlined API testing lab with Burp Suite and Postman. Then you'll master tools useful for reconnaissance, endpoint analysis, and fuzzing, such as Kiterunner and OWASP Amass. Next, you'll learn to perform common attacks, like those targeting an API's authentication mechanisms and the injection vulnerabilities commonly found in web applications. You'll also learn techniques for bypassing protections against these attacks.
In the book's nine guided labs, which target intentionally vulnerable APIs, you'll practice:
Hacking APIs: Breaking Web Application Programming Interfaces Corey J. Ball 2022 #hacking #eng... https://t.co/mSqV6r7nOV
a NEW one I missed because it was later in the talk, Corey Ball's (@hAPI_hacker) Hacking APIs - Breaking Web Application Programming Interfaces https://t.co/sAnXtuh3kG I'm really enjoying this one so far! 12/x
Current book I’m reading 😄 “Hacking APIs: Breaking Web Application Programming Interfaces Book,” by Corey J. Ball. https://t.co/7UG2kLyEfd
"[Hacking APIs is] the best source of API info I've seen. If you're curious about what APIs are and how they work, read it once. If you work with or create APIs, read it twice. If you break APIs, read it three times."
--Graham Helton, @GrahamHelton3
"One of the few books that is actually dedicated to API hacking. . . . a great resource for anyone who wants to learn more about API security and how to hack into web applications. It provides in-depth information on how to break through various types of APIs, as well as tips on how to stay ahead of the curve in this rapidly changing field."
--Dana Epp, Security Boulevard
"This book has more to offer than hacking APIs but sets down a solid foundation of tools and techniques that would benefit any developer or QA Engineer that has to develop, test, or otherwise work with APIs."
--John Wenning, Cybersecurity Researcher, Fortra
"A thorough guide to what APIs are, how they work, what technologies they use, the various common insecurities that APIs have, and, most importantly, how to exploit them. . . . I would recommend Hacking APIs as a great read for anyone interested in learning more about the vulnerable side of APIs."
--Darlene Hibbs, Senior Cybersecurity Researcher, Fortra