API Hacking For Testers

180-minute Workshop

Learn how to hack APIs & Exploit them

Timetable

1:30 p.m. – 4:30 p.m. Wednesday 18th

Room

Room E2+E3 - Track 5: Workshops

Security Testing

Audience

Testers, Devs, ...

Required

Laptop with Burp Suite Community Edition installed + Internet

Key-Learnings

  • You'll learn new Test Techniques
  • You'll learn how to think outside of the box when it comes to APIs
  • You'll learn about new vulnerabilities and how to find them

A lot of courses will teach you how to work with a tool, but less on how to actually test an API. In this workshop we'll focus on just that part. Ethical hacking is mostly done by security professionals, but why not do it yourself? There are several vulnerabilities that a tester can find and exploit without the help of a security expert. And I'm not just talking about the most common vulnerabilities that you'll find in all the blogs and "top 10 lists"; there are hundreds of different types of vulnerabilities out there which also need to be found and fixed.

We'll dive into the basics of Burp Suite (a proxy tool used for penetration testing that lets you examine and change API requests) for offensive security. I'll explain several vulnerabilities and how to exploit them, and you'll then get hands-on experience finding these vulnerabilities yourself. Afterwards I'll share a real-world story of how I used these vulnerabilities to ethically hack a client's company or application on the job.

In this workshop you'll learn new test techniques to start hacking APIs, and new vulnerabilities that you'll be able to find and exploit. You do not need to have scripting or coding skills; everything will be done manually!

If you want to start assisting your security and/or development team, if you want to detect these vulnerabilities before the pen-test occurs (shift left), or if you have ever wanted to start out in offensive cyber security, then this is the workshop for you!
