
This podcast outlines the fundamentals of Web API testing, focusing on security considerations. It explains core concepts such as REST architecture, URI structure, HTTP request methods and response codes, and common web authentication mechanisms including Bearer Tokens, HTTP Cookies, and Basic HTTP authentication. It then details generic and API-specific testing methodologies, including endpoint discovery, bug exploitation with examples such as IDOR and privilege escalation, and in-depth techniques for testing token-based authentication, particularly JWTs, covering their potential vulnerabilities and the brute-forcing of weak signing secrets. Finally, it lists related test cases and useful tools for API security assessment.