Rest API Penetration Testing

• Setup Lab, Introduction to Rest API, SQL Injecton In Rest Api and Sensitive Data In Get Requets
• Weak Authentication Token and IDOR
• Sensitive Data In Response (Password) and Clear Text Storage
• Reading Api Documentation
• XML External Entitiy Injection
• Lack Of Rate Limiting
• Broken Authentication