Web APIs Penetration Test Lab Setup

Posted on September 1, 2023 by in web api pen test

Tool Installation

Vmware
Kali Linux
Postman Installation On Debian System
Foxy Proxy Install
Burp Suite and Import CA cert to the cert authority

Burp Suite Introduction

Add target to the scope to reduce silly traffic
ctrl + r —> send request to repeater, we can play with request and manipulate it over and over again….
decoder —> use for decode or encode
comparer —> compare and see differences
extensions —> use extensions to life easier and saving time

Postman Introduction

create new workspace
create new collection (group of http requets)

we can import collection…

Docker Introduction

mkdir labs
cd labs
git clone https://github.com/OWASP/crAPI

sudo apt install docker-io
sudo apt update --fix-missing (if taken errors)
sudo apt install docker-io (run again if taken)
sudo apt install docker-compose

cd crAPI/deploy/docker
sudo docker-compose up