This involves attempting to uncover API vulnerabilities with application attacks such as XSS, SQL injections, code injections, and backdoors. Once those vulnerabilities are uncovered, exploiting them with privilege escalations, data stealing methods, and traffic interceptions are part of the Gaining Access scope, as well as assessing the damage that API vulnerability could cause.
Gaining access
by Pethuru Raj, Harihara Subramanian
Hands-On RESTful API Design Patterns and Best Practices
- Title Page
- Copyright and Credits
- About Packt
- Contributors
- Preface
- Introduction to the Basics of RESTful Architecture
- Technical requirements
- Evolution of web technologies
- Learning about Web 3.0
- Learning about web service architecture
- Discussing the web API
- Learning about service-oriented architecture
- Learning about resource-oriented architecture
- Beginning with REST
- REST architecture style constraints
- Layered systems
- RESTful service mandates
- Architectural goals of REST
- Summary
- Design Strategy, Guidelines, and Best Practices
- Technical requirements
- Learning about REST API and its importance
- Goals of RESTful API design
- API designer roles and responsibilities 
- API design best practices
- API design principles
- RESTful API design rules
- Summary
- Further reading
- Essential RESTful API Patterns
- Advanced RESTful API Patterns
- Microservice API Gateways
- Technical requirements
- About microservice architecture
- The prominent infrastructure modules in microservice-centric applications
- About API gateway solutions
- API gateways for microservice-centric applications
- The issues with microservice API gateways
- Security features of API gateways
- Prominent API gateway solutions
- Service mesh versus API gateway
- Summary
- RESTful Services API Testing and Security
- An overview of software testing 
- RESTful APIs and testing
- Basics of API testing
- Understanding API testing approaches
- API testing types
- REST API security vulnerabilities
- Causes of vulnerabilities
- Security tests
- Back to API testing
- CQRS
- Summary
- Further reading
- RESTful Service Composition for Smart Applications
- Technical requirements
- The Representational State Transfer service paradigm
- Service orchestration and choreography
- Data management 
- Summary
- RESTful API Design Tips
- A More In-depth View of the RESTful Services Paradigm
- Technical requirements
- Tending toward the software-defined and software-driven world
- Software-enabled clouds for the digital intelligence era
- The IoT applications and services
- Cloud-enabled applications
- Cloud-native applications
- Mobile, handheld, and wearable applications
- Transactional, operational, and analytical applications
- Knowledge visualization applications
- Social applications 
- Scientific and technical applications 
- Centralized and distributed applications
- Decentralized and intelligent applications with blockchain technology 
- Composite and multi-container applications 
- Event-driven applications 
- High-quality applications
- Resilient applications 
- Software-enabled clouds for the digital intelligence era
- The REST paradigm for application modernization and integration
- SOAP versus REST
- Best practices for REST-based microservices
- Summary
- Further reading
- Frameworks, Standard Languages, and Toolkits
- Technical requirements
- Core features of a framework
- Spring Boot
- Beginning about Light 4j
- Spark Framework
- Dropwizard
- Understanding Go framework for the RESTful API
- Python RESTful API frameworks
- Frameworks – a table of reference 
- Summary
- Further reading
- Legacy Modernization to Microservices-Centric Apps
- Other Books You May Enjoy
Gaining access
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.