🛡️ API Security Empire

<div align="center"> <img src="https://user-images.githubusercontent.com/97954690/155410683-cebe5773-03b3-4b52-92d2-939e28305a0f.png" width="70%" height="70%"> <br> <small>Project Credits: <a href="https://www.linkedin.com/in/momen-eldawakhly-3b6250204">Momen Eldawakhly (Cyber Guy)</a> <b>@</b> <a href="https://www.linkedin.com/in/momen-eldawakhly-3b6250204">Cypro AB</a></small> </div> <br> In this repository you will find mindmaps, tips & tricks, resources and everything related to API security and API penetration testing. Our mindmaps and resources are based on the OWASP API Top 10, our experience in penetration testing and other resources, to deliver the most advanced and accurate API security and penetration testing resource on the web!

🚪 First gate: {{Recon}}

The first gate into the API Security Empire is knowing how to gather information about the API infrastructure and how to perform powerful recon on an API to find the hidden doors through which the whole infrastructure can be compromised. To that end, we provide this updated API recon mindmap with the latest tools and methodologies in API recon:

<br> <div align="center"> <img src="https://github.com/cyprosecurity/API-SecurityEmpire/blob/main/assets/API%20Pentesting%20Mindmap.png" width="70%" height="70%" target="_blank">

<small><b><a href="https://github.com/cyprosecurity/API-SecurityEmpire/blob/main/assets/API%20Pentesting%20Mindmap.pdf" target="_blank">PDF Version</a> | <a href="https://github.com/cyprosecurity/API-SecurityEmpire/blob/main/assets/API%20Pentesting%20Mindmap.xmind" target="_blank">XMind Version</a></b></small>

</div> <br>

⚔️ Weapons you will need:

🥷 Test your abilities and weapons:

🚪 Second gate: {{Attacking}}

Attacking RESTful & SOAP:

<div align="center"> <img src="https://github.com/cyprosecurity/API-SecurityEmpire/blob/main/assets/API%20Pentesting%20Mindmap%20ATTACK.png" target="_blank"> <br> <small><b><a href="https://github.com/cyprosecurity/API-SecurityEmpire/blob/main/assets/API%20Pentesting%20Mindmap%20ATTACK.pdf" target="_blank">PDF Version</a> | <a href="https://github.com/cyprosecurity/API-SecurityEmpire/blob/main/assets/API%20Pentesting%20Mindmap%20ATTACK.xmind" target="_blank">XMind Version</a></b></small> </div> <br>

Attacking GraphQL:

Because the set of attacks against GraphQL is limited, we tried to collect all the possible attacks, based on our experience in testing APIs, in the following mindmap:

<div align="center"> <img src="https://github.com/Cyber-Guy1/API-SecurityEmpire/blob/main/assets/API%20Pentesting%20Mindmap%20%7B%7BGraphQL%20Attacking%7D%7D.png"> <br> <small><b><a href="https://github.com/Cyber-Guy1/API-SecurityEmpire/blob/main/assets/API%20Pentesting%20Mindmap%20%7B%7BGraphQL%20Attacking%7D%7D.pdf" target="_blank">PDF Version</a> | <a href="https://github.com/Cyber-Guy1/API-SecurityEmpire/blob/main/assets/API%20Pentesting%20Mindmap%20%7B%7BGraphQL%20Attacking%7D%7D.xmind" target="_blank">XMind Version</a></b></small> </div> <br>

🙏 Special thanks:

📝 License:

<img src="https://user-images.githubusercontent.com/97954690/155418561-30c6292d-877c-4acf-ac90-531d8661a455.png" width="20%" height="20%" target="_blank">

Our HACKERS! 🐱‍💻