In this chapter, you’ll build your own API target lab to attack in subsequent chapters. By targeting a system you control, you’ll be able to safely practice your techniques and see their impacts from both the offensive and defensive perspectives. You’ll also be able to make mistakes and experiment with exploits you may not yet be comfortable with using in real engagements.

You’ll be targeting these machines throughout the lab sections in this book to find out how tools work, discover API weaknesses, learn to fuzz inputs, and exploit all your findings. The lab will have vulnerabilities well beyond what ...