Introduction

The API Penetration Testing Course will guide you through actively testing web application programming interfaces (APIs) for security flaws. This course is a self-paced, practical guide that will show you the tools and techniques that can be leveraged to attack APIs. Although the skills that you will pick up in this course can be applied to a variety of APIs, the primary focus will be on REST APIs.

The ACE training will help you get your hands on the keyboard and walk you through the API hacking process. In this course, you will learn how to discover APIs, interact with endpoints, and exploit several weaknesses like Broken Authentication, Mass Assignment, and Broken Object Level Authorization. By the end of this course, you will have the skill set to thoroughly test web APIs.

Who is this for?

ACE is great for anyone interested in dedicating time to learning how to test APIs for security weaknesses. This course was meant to help improve the skills of bug bounty hunters, developers, and penetration testers. Before taking this course it would help to have a basic understanding of how web apps and APIs work.

The ACE course is completely free for anyone that wants to learn about API hacking. Those who would like to certify their knowledge can take the ACE exam. The ACE exam is a six-hour practical assessment of your ability to test APIs and find vulnerabilities. Students who pass the exam will receive the (ACE) certification.

Index

Last updated