7

Denial of Service and Rate-Limiting Testing

Continuing from basic API attacks, it’s now time for us to understand more about denial-of-service (DoS) and distributed denial-of-service (DDoS) threats and answer some questions, such as the following: Why are they so important? How impactful could they be for API endpoints? What can we leverage to successfully manage the triggering of these sorts of attacks? You will learn that DoS, especially in its distributed form, is a global problem affecting pretty much any publicly exposed endpoint or application. Software that is only privately accessible is not immune either: although sometimes rarer, insider threats exist and can disrupt internal applications.

Rate limiting is ...
