mnagarajapppa/API-Pen-Testing

API Security

https://github.com/akto-api-security/30-API-security-tests

https://www.youtube.com/watch?v=ijalD2NkRFg

https://www.youtube.com/watch?v=zTkv_9ChVPY

https://www.youtube.com/watch?v=aQGbYfalRTA&t=1179s

https://www.youtube.com/watch?v=5UTHUZ3NGfw&t=3234s

https://www.youtube.com/watch?v=qqmyAxfGV9c

API Pen testing - TESTCASES

  1. Verify the API response code for a valid request.
  2. Verify the API response code for an invalid request.
  3. Verify the API response time for a valid request.
  4. Verify the API response time for an invalid request.
  5. Verify the API response message for a valid request.
  6. Verify the API response message for an invalid request.
  7. Verify the API response content for a valid request.
  8. Verify the API response content for an invalid request.
  9. Verify the API response format for a valid request.
  10. Verify the API response format for an invalid request.
  11. Verify the API response size for a valid request.
  12. Verify the API response size for an invalid request.
  13. Verify the API response headers for a valid request.
  14. Verify the API response headers for an invalid request.
  15. Verify the API request method for a valid request.
  16. Verify the API request method for an invalid request.
  17. Verify the API request parameters for a valid request.
  18. Verify the API request parameters for an invalid request.
  19. Verify the API request payload for a valid request.
  20. Verify the API request payload for an invalid request.
  21. Verify the API authentication for a valid request.
  22. Verify the API authentication for an invalid request.
  23. Verify the API authorization for a valid request.
  24. Verify the API authorization for an invalid request.
  25. Verify the API rate limiting for a valid request.
  26. Verify the API rate limiting for an invalid request.
  27. Verify the API error handling for a valid request.
  28. Verify the API error handling for an invalid request.
  29. Verify the API security for a valid request.
  30. Verify the API security for an invalid request.
  31. Verify the API response time under high load.
  32. Verify the API response time under low load.
  33. Verify the API response for edge cases (empty, null, negative values, etc.).
  34. Verify the API response when input is out of range.
  35. Verify the API response when input is invalid.
  36. Verify the API response when required fields are missing.
  37. Verify the API response when optional fields are missing.
  38. Verify the API response when the input is too long.
  39. Verify the API response when input is too short.
  40. Verify the API response when input contains special characters.
  41. Verify the API response when input contains non-ASCII characters.
  42. Verify the API response when input is case-sensitive.
  43. Verify the API response when input is case-insensitive.
  44. Verify the API response when input contains HTML or JavaScript tags.
  45. Verify the API response when input contains SQL injection.
  46. Verify the API response when input contains cross-site scripting (XSS).
  47. Verify the API response when input contains malware or viruses.
  48. Verify the API response when input contains sensitive information.
