Burp Suite Enterprise Edition is now available in our secure Cloud  –  Learn more
Back to all learning paths
PRACTITIONER

API testing

This learning path teaches you how to test APIs that aren't fully used by the website front-end. You'll learn key API recon skills to help you discover more attack surface. In addition, you'll learn how to identify server-side parameter pollution vulnerabilities that may impact internal APIs.

Contents

Get started: API recon

0 of 29

GET STARTED


API recon 0 of 1



API documentation 0 of 4



Identifying and interacting with API endpoints 0 of 6



Finding hidden parameters 0 of 1



Mass assignment vulnerabilities 0 of 4



Preventing vulnerabilities in APIs 0 of 1



Server-side parameter pollution 0 of 1



Testing for server-side parameter pollution in the query string 0 of 6



Testing for server-side parameter pollution in REST paths 0 of 1



Testing for server-side parameter pollution in structured data formats 0 of 2



Testing for server-side parameter pollution with automated tools 0 of 1



Preventing server-side parameter pollution 0 of 1