LAB 122 – Identifying Insecure APIs
Course Overview
This lab challenges a learner to discover and exploit an existing API vulnerability to bypass authorization mechanisms and steal private files in a cloud application. In this lab, you are an adversary interacting with the application in a legitimate way to discover flaws in a REST API to bypass authorization mechanisms and steal private files that contain AWS Credentials. Participants will also learn best practices to prevent and mitigate broken object-level authorization vulnerabilities related to insecure APIs?
Course Details
Course Number: LAB 122
Course Duration: 5 minutes
Course CPE Credits: 0.25
NICE Specialty Areas
Available Languages
- English