Bild 1 von 24
Galerie
Bild 1 von 24
Signierte Hacking-APIs: Breaking Web Application Programming Interfaces - C. Ball
US $38,50
Ca.CHF 31,84
oder Preisvorschlag
Artikelzustand:
Neu
Neues, ungelesenes, ungebrauchtes Buch in makellosem Zustand ohne fehlende oder beschädigte Seiten. Genauere Einzelheiten entnehmen Sie bitte dem Angebot des Verkäufers.
- Sofort-KaufenSignierte Hacking-APIs: Breaking Web Application Programming Interfaces - C. Ball
Oops! Looks like we're having trouble connecting to our server.
Refresh your browser window to try again.
Versand:
US $5,38 (ca. CHF 4,45) USPS Media MailTM.
Standort: Boston, Massachusetts, USA
Lieferung:
Lieferung zwischen Do, 8. Mai und Mo, 12. Mai nach 43230 bei heutigem Zahlungseingang
Rücknahme:
60 Tage Rückgabe. Käufer zahlt Rückversand. Wenn Sie ein eBay-Versandetikett verwenden, werden die Kosten dafür von Ihrer Rückerstattung abgezogen.
Zahlungen:
Sicher einkaufen
Der Verkäufer ist für dieses Angebot verantwortlich.
eBay-Artikelnr.:156939741934
Artikelmerkmale
- Artikelzustand
- Features
- Signed
- Educational Level
- Adult & Further Education, High School
- Personalized
- Yes
- Level
- Intermediate, Advanced
- ISBN
- 9781718502444
Über dieses Produkt
Product Identifiers
Publisher
No Starch Press, Incorporated
ISBN-10
1718502443
ISBN-13
9781718502444
eBay Product ID (ePID)
8057262589
Product Key Features
Number of Pages
368 Pages
Publication Name
Hacking APIs : Breaking Web Application Programming Interfaces
Language
English
Publication Year
2022
Subject
Web / Web Services & APIs, Web / Web Programming, General, Security / Networking
Type
Textbook
Subject Area
Mathematics, Computers
Format
Trade Paperback
Dimensions
Item Height
0.8 in
Item Weight
24.8 Oz
Item Length
9.2 in
Item Width
7 in
Additional Product Features
Intended Audience
Trade
LCCN
2021-061101
Reviews
"Corey Ball takes you on a journey through the lifecycle of APIs in such a manner that you're wanting to not only know more, but also anticipating trying out your newfound knowledge on the next legitimate target. From concepts to examples, through to identifying tools and demonstrating them in fine detail, this book has it all. It IS the motherload for API hacking, and should be found next to the desk, well-read by ANYONE wanting to take this level of adversarial research, assessment, or DevSecOps seriously." --Chris Roberts, @Sidragon1, vCISO/Researcher/Hacker "This book opens the doors to the field of API Hacking, a subject not very well understood. Using real-world examples that emphasize Access Control issues, this book will help you understand the ins and outs of securing APIs, hunt great bounties, and help organizations improve their API Security!" --Inon Shkedy, @InonShkedy, Security Researcher "Even though the internet is filled with information on any topic possible in cybersecurity, it is still hard to find solid insight on performing penetration tests on APIs. Corey's book satisfies this demand--not only for the beginner cybersecurity practitioner, but also for the seasoned expert." --Cristi Vlad, @CristiVlad25, Cybersecurity Researcher " Hacking APIs is extremely helpful for anyone who wants to get into penetration testing. In particular, this book gives you the tools to start testing the security of APIs, which are becoming a weak point for many modern web applications. Experienced security folks can get something out of the book too, as it features automation tips and protection bypass techniques that will up any pentesters' game." --Vickie Li, @vickieli7, Developer Evangelist, Author of Bug Bounty Bootcamp "[ Hacking APIs is] the best source of API info I've seen. If you're curious about what APIs are and how they work, read it once. If you work with or create APIs, read it twice. If you break APIs, read it three times." --Graham Helton, @GrahamHelton3 "One of the few books that is actually dedicated to API hacking. . . . a great resource for anyone who wants to learn more about API security and how to hack into web applications. It provides in-depth information on how to break through various types of APIs, as well as tips on how to stay ahead of the curve in this rapidly changing field." --Dana Epp, Security Boulevard "This book has more to offer than hacking APIs but sets down a solid foundation of tools and techniques that would benefit any developer or QA Engineer that has to develop, test, or otherwise work with APIs." --John Wenning, Cybersecurity Researcher, Fortra "A thorough guide to what APIs are, how they work, what technologies they use, the various common insecurities that APIs have, and, most importantly, how to exploit them. . . . I would recommend Hacking APIs as a great read for anyone interested in learning more about the vulnerable side of APIs." --Darlene Hibbs, Senior Cybersecurity Researcher, Fortra, "Corey Ball takes you on a journey through the lifecycle of APIs in such a manner that you're wanting to not only know more, but also anticipating trying out your newfound knowledge on the next legitimate target. From concepts to examples, through to identifying tools and demonstrating them in fine detail, this book has it all. It IS the motherload for API hacking, and should be found next to the desk, well-read by ANYONE wanting to take this level of adversarial research, assessment, or DevSecOps seriously." --Chris Roberts, @Sidragon1, vCISO/Researcher/Hacker "This book opens the doors to the field of API Hacking, a subject not very well understood. Using real-world examples that emphasize Access Control issues, this book will help you understand the ins and outs of securing APIs, hunt great bounties, and help organizations improve their API Security!" --Inon Shkedy, @InonShkedy, Security Researcher "Even though the internet is filled with information on any topic possible in cybersecurity, it is still hard to find solid insight on performing penetration tests on APIs. Corey's book satisfies this demand--not only for the beginner cybersecurity practitioner, but also for the seasoned expert." --Cristi Vlad, @CristiVlad25, Cybersecurity Researcher " Hacking APIs is extremely helpful for anyone who wants to get into penetration testing. In particular, this book gives you the tools to start testing the security of APIs, which are becoming a weak point for many modern web applications. Experienced security folks can get something out of the book too, as it features automation tips and protection bypass techniques that will up any pentesters' game." --Vickie Li, @vickieli7, Developer Evangelist, Author of Bug Bounty Bootcamp
Dewey Edition
23
Illustrated
Yes
Dewey Decimal
005.8
Synopsis
Hacking APIs is a crash course on web API security testing that will prepare you to attack APIs, find bugs other hackers often miss, and make your own APIs more secure. In this lab-based introduction, you'll first learn how REST APIs work in the real world and what security issues they face. Next, you'll set up a streamlined API testing environment built with Burp Suite, Postman, and other tools, like Kiterunner and OWASP Amass, useful for reconnaissance, endpoint analysis, and fuzzing. Armed with these basics, you'll perform common attacks targeting an API's authentication mechanisms, business logic flaws, API-specific vulnerabilities like cross-API scripting and mass assignment, and the injection vulnerabilities commonly found in web applications. As you work your way through this book, you'll target intentionally vulnerable ARIs and learn to: Use fuzzing techniques to enumerate an API's users and endpoints, Discover an excessive data exposure vulnerability with Postman, Perform JSON Web Token attacks against an API authentication process, Combine multiple API attack techniques to perform a NoSQL injection, Attack a GraphQL API to uncover a broken object level authorization vulnerability, Learn to reverse engineer an API using Postman, Use an API's features against it to discover business logic flaws, Hacking APIs wraps up with a deep dive into ways to bypass real-world API protections, methods of targeting GraphQL, and a collection of actual vulnerabilities found by API hackers in services like Starbucks and Instagram. Book jacket., You'll learn how REST and GraphQL APIs work in the wild and set up a streamlined API testing lab with Burp Suite and Postman. Then you'll master tools useful for reconnaissance, endpoint analysis, and fuzzing, such as Kiterunner. Next, you'll learn to perform common attacks, like those targeting an API's authentication mechanisms and the injection vulnerabilities commonly found in web applications. You'll also learn techniques for bypassing protections against these attacks so that you can uncover API bugs other hackers aren't finding and improve the security of applications on the web.
LC Classification Number
QA76.76.A63B35 2022
Artikelbeschreibung des Verkäufers
Info zu diesem Verkäufer
Larry-BOS
100% positive Bewertungen•1.0 Tsd. Artikel verkauft
Angemeldet als gewerblicher Verkäufer
Verkäuferbewertungen (368)
- u***e (4117)- Bewertung vom Käufer.Letzter MonatBestätigter KaufItem was packed well and shipped promptly. Exactly as described in the listing. Great seller!
- r***t (105)- Bewertung vom Käufer.Letzter MonatBestätigter Kaufottimo!
- h***l (134)- Bewertung vom Käufer.Letzter MonatBestätigter KaufItem arrived in excellent condition.
Noch mehr entdecken:
- Sachbuch Weber 'se Bücher,
- Computer & Internetliteratur über Web & Internet,
- David Weber Belletristik-Bücher,
- Deutsche Bücher Weber 'se Sachbuch,
- Bücher im Taschenbuch Weber 'se Sachbuch,
- Weber - ' - s-Grillbibel-Kochbücher-Sachbuch Bücher übers Kochen,
- C. - H. - Beck Studium und Erwachsenenbildung,
- Geschichte-C. - H. - Beck Studium und Erwachsenenbildung,
- Strafrecht-C. - H. - Beck Studium und Erwachsenenbildung,
- Arbeitsrecht-C. - H. - Beck Studium und Erwachsenenbildung