LAB 122 - Identifying Insecure APIs


Course Details

Course Number: LAB 122

Course Duration: 5 minutes

Course CPE Credits: 0.1

Foreign Languages Available:

  • English

Course Overview

This lab challenges a learner to discover and exploit an existing API vulnerability to bypass authorization mechanisms and steal private files in a cloud application. In this lab, you are an adversary interacting with the application in a legitimate way to discover flaws in a REST API to bypass authorization mechanisms and steal private files that contain AWS Credentials. Participants will also learn best practices to prevent and mitigate broken object-level authorization vulnerabilities related to insecure APIs?

Ready to Demo this course? Questions? Contact Us!