INTERMEDIATE
API Security

Secure API Testing

Test modern APIs for the risks scanners miss — auth, objects, and business logic — then fix them.

14 hours2 modules5 lessonsVersion 1

About this course

Vector focuses on the OWASP API Security Top 10: broken object/function authorization, mass assignment, and rate-limit abuse, on CyberForge’s vulnerable API sandbox.

What you will learn

  • Test API authorization
  • Find mass assignment and logic flaws
  • Remediate with secure patterns

Curriculum

Module 1. API Authorization

BOLA, BFLA, and authentication.

  • Broken Object-Level Authorization (BOLA)30 min
  • API Authentication & Tokens28 min
Module 2. Data & Abuse

Mass assignment, rate limits, and logic.

  • Mass Assignment & Excessive Data Exposure28 min
  • Rate Limiting & Abuse Prevention26 min
  • API Business Logic & Remediation28 min
← Back to all courses