Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
API Testing and Development with Postman

You're reading from   API Testing and Development with Postman API creation, testing, debugging, and management made easy

Arrow left icon
Product type Paperback
Published in Jun 2024
Publisher Packt
ISBN-13 9781804617908
Length 358 pages
Edition 2nd Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Dave Westerveld Dave Westerveld
Author Profile Icon Dave Westerveld
Dave Westerveld
Arrow right icon
View More author details
Toc

Table of Contents (18) Chapters Close

Preface 1. API Terminology and Types 2. API Documentation and Design FREE CHAPTER 3. OpenAPI and API Specifications 4. Considerations for Good API Test Automation 5. Understanding Authorization Options 6. Creating Test Validation Scripts 7. Data-Driven Testing 8. Workflow Testing 9. Running API Tests in CI with Newman 10. Monitoring APIs with Postman 11. Testing an Existing API 12. Creating and Using Mock Servers in Postman 13. Using Contract Testing to Verify an API 14. API Security Testing 15. Performance Testing an API 16. Other Books You May Enjoy
17. Index

Summary

In this chapter, we learned a few approaches and techniques that you can use to do security testing in Postman. This kind of testing is not a replacement for the work of professional security testers, but it should help you find some basic issues. We learned about some of the most common security risks and mistakes in APIs, and we discussed how to set up tests in Postman that will help you find these issues. We used the OWASP top 10 list as a guide to what kind of issues to look for.

We discussed fuzz testing as a technique that you can use to introduce randomness to your testing. This randomness can help you find issues that you might otherwise never have thought about. We learned about the big list of naughty strings and how to set up a Postman collection that can use that list to check if your API has poor behavior, in response to any of those nasty strings. Since the point of fuzz testing is to try many random things, we also went over how to clean up a system after...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime