cyb ndy

Your API hacking lab

Introduction

This section of the course introduced the setup of the vulnerable applications crapi and vapi. It also talked about other sources such as thm and htb where students should practice and test their skills gained in the course

crAPI Installation

        mkdir ~/lab && cd ~/lab
sudo curl -o docker-compose.yml https://raw.githubusercontent.com/OWASP/crAPI/main/deploy/docker/docker-compose.yml

      
        sudo docker-compose pull
sudo docker-compose -f docker-compose.yml --compatibility up -d

If no error occurred, crapi should available on http://127.0.0.1:8888

vAPI Installation

        cd ~/lab

      
        sudo git clone https://github.com/roottusk/vapi.git
cd ./vapi

      
        sudo docker-compose up -d

vAPI will also be accessible at http://127.0.0.1/vapi and comes with a pre-built postman collection and environment located in vAPI/postman directory

API Penetration Testing Course - APIsec UniversityAPI Reconnaissance
cyb ndy
© 2023 Designed & Developed by Cybandy