O'Reilly logo

Mastering Modern Web Penetration Testing by Prakhar Prasad

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 11. API Testing Methodology

In this chapter, we'll deal with different methodologies for testing security of APIs. This chapter needs concepts of OAuth, which have been covered in the previous chapter, so a good understanding of OAuth 2.0 is necessary. We will use access tokens heavily and make requests to API endpoints while testing them.

Web APIs have recently gained a lot of popularity among developers because they easily allow third-party programs to interact with the website in a more efficient and easy way.

The chapter will gradually start off with some basic concepts and then later cover actual testing. So let's begin.

Understanding REST APIs

REST stands for Representational State Transfer, which is simply an architectural philosophy ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required