identification, exploitation, and remediation of OWASP API Top 10 vulnerabilities

PRENGARA/api-security-labs-owasp-aws

api-security-labs-owasp-aws

This repository contains a comprehensive API security project that demonstrates the identification, exploitation, and remediation of OWASP API Top 10 vulnerabilities using AWS API Gateway, Amazon Cognito, OAuth 2.0 / OIDC, and JWT-based authentication.

Technologies Used

  • AWS API Gateway (HTTP API)
  • Amazon Cognito (User Pools)
  • OAuth 2.0 Authorization Code Grant
  • OpenID Connect (OIDC)
  • JWT Authentication & Authorization
  • OWASP API Security Top 10
  • Postman

Key Features

  • Secure API Gateway with JWT Authorizer
  • OAuth2/OIDC token flow implementation
  • HTTPS-only enforcement
  • Rate limiting via API Gateway throttling
  • Access control at gateway level
  • OWASP API Top 10 vulnerability mitigation
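The gateway-side controls listed above, sketched as an added Terraform example (this is not the repository's own configuration; the resource names, the `GET /items` route, the callback URL and the throttle limits are assumptions):

```hcl
# Added example, not the repo's own IaC. Pool/client/route names are hypothetical.
resource "aws_cognito_user_pool" "labs" {
  name = "api-security-labs" # hypothetical
}

resource "aws_cognito_user_pool_client" "app" {
  name                                 = "labs-client" # hypothetical
  user_pool_id                         = aws_cognito_user_pool.labs.id
  generate_secret                      = false
  allowed_oauth_flows_user_pool_client = true
  allowed_oauth_flows                  = ["code"] # Authorization Code Grant only
  allowed_oauth_scopes                 = ["openid", "email"]
  callback_urls                        = ["https://example.com/callback"] # placeholder
  supported_identity_providers         = ["COGNITO"]
}

resource "aws_apigatewayv2_api" "http" {
  name          = "api-security-labs"
  protocol_type = "HTTP" # HTTP APIs serve TLS only, so HTTPS is enforced by design
}

# JWT authorizer: the gateway checks signature (via the pool's JWKS), issuer,
# audience/client_id and expiry before any backend code runs.
resource "aws_apigatewayv2_authorizer" "cognito_jwt" {
  api_id           = aws_apigatewayv2_api.http.id
  authorizer_type  = "JWT"
  identity_sources = ["$request.header.Authorization"]
  name             = "cognito-jwt"
  jwt_configuration {
    audience = [aws_cognito_user_pool_client.app.id]
    issuer   = "https://${aws_cognito_user_pool.labs.endpoint}"
  }
}

# Route requires a valid token carrying the "openid" scope (access control at the gateway).
resource "aws_apigatewayv2_route" "items" {
  api_id               = aws_apigatewayv2_api.http.id
  route_key            = "GET /items" # hypothetical route
  authorization_type   = "JWT"
  authorizer_id        = aws_apigatewayv2_authorizer.cognito_jwt.id
  authorization_scopes = ["openid"]
}

# Stage-level throttling limits request rate and burst for every route.
resource "aws_apigatewayv2_stage" "default" {
  api_id      = aws_apigatewayv2_api.http.id
  name        = "$default"
  auto_deploy = true
  default_route_settings {
    throttling_rate_limit  = 10 # requests per second, assumed value
    throttling_burst_limit = 20 # assumed value
  }
}
```

The authorizer and scopes decide whether a caller may reach a route at all; whether that caller may read a particular object behind `GET /items` still has to be checked in the backend, since the gateway never sees object ownership.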

Learning Outcomes

  • Designed and secured APIs using cloud-native security controls
  • Implemented OAuth2/OIDC authentication flows
  • Mapped real vulnerabilities to OWASP API Top 10
  • Applied defense-in-depth at the API gateway layer