The Best API Books of All Time

Hacking APIs is a crash course in web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure. Hacking APIs is a crash course on web API security testing that will prepare you to penetration-test APIs, reap high rewards on bug bounty programs, and make your own APIs more secure. You’ll learn how REST and GraphQL APIs work in the wild and set up a streamlined API testing lab with Burp Suite and Postman. Then you’ll master tools useful for reconnaissance, endpoint analysis, and fuzzing, such as Kiterunner and OWASP Amass.

Next, you’ll learn to perform common attacks, like those targeting an API’s authentication mechanisms and the injection vulnerabilities commonly found in web applications. You’ll also learn techniques for bypassing protections against these attacks. In the book’s nine guided labs, which target intentionally vulnerable APIs, you’ll practice:. Enumerating APIs users and endpoints using fuzzing techniquesUsing Postman to discover an excessive data exposure vulnerabilityPerforming a JSON Web Token attack against an API authentication processCombining multiple API attack techniques to perform a NoSQL injectionAttacking a GraphQL API to uncover a broken object level authorization vulnerability. By the end of the book, you’ll be prepared to uncover those high-payout API bugs other hackers aren’t finding and improve the security of applications on the web.

Summary. The Design of Web APIs is a practical, example-packed guide to crafting extraordinary web APIs. Author Arnaud Lauret demonstrates fantastic design principles and techniques you can apply to both public and private web APIs. About the technology. An API frees developers to integrate with an application without knowing its code-level details. Whether you’re using established standards like REST and OpenAPI or more recent approaches like GraphQL or gRPC, mastering API design is a superskill. It will make your web-facing services easier to consume and your clients—internal and external—happier.

Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the book. Drawing on author Arnaud Lauret's many years of API design experience, this book teaches you how to gather requirements, how to balance business and technical goals, and how to adopt a consumer-first mindset. It teaches effective practices using numerous interesting examples. What's inside. Characteristics of a well-designed API. User-oriented and real-world APIs. Secure APIs by design. Evolving, documenting, and reviewing API designs. About the reader. Written for developers with minimal experience building and consuming APIs. About the author. A software architect with extensive experience in the banking industry, Arnaud Lauret has spent 10 years using, designing, and building APIs. He blogs under the name of API Handyman and has created the API Stylebook website.

Completely updated for Django 4.0 & Django REST Framework 3.13. Django for APIs is a project-based guide to building modern web APIs with Django & Django REST Framework. It is suitable for beginners who have never built an API before as well as professional programmers looking for a fast-paced introduction to Django fundamentals and best practices. Over the course of 200+ pages you'll learn how to set up a new project properly, how web APIs work under the hood, and advanced testing and deployment techniques.

Three separate projects are built from scratch with progressively more advanced features including a Library API, Todo API, and Blog API. User authentication, permissions, documentation, viewsets, and routers are all covered thoroughly. Django for APIs is a best-practices guide to building powerful Python-based web APIs with a minimal amount of code. Reviews“When readers interested in web development ask me what to read next after Python Crash Course, I refer them to Will's books: Django for Beginners, Django for APIs, and Django for Professionals. I highly recommend you check out his work.”—ERIC MATTHES, author of Python Crash Course. “If you’re looking for a guide into the world of Django, then the three-step of Django for Beginners, Django for APIs, and Django for Professionals is ideal: get up and running, get into APIs, which are a cornerstone of modern app development, and then add the bits you need to your fledging app into production, from databases and static files, to user accounts and security. It’s a long road. Will’s books are an awesome companion.”—CARLTON GIBSON, Django Fellow and Django REST Framework core contributor. “A fantastic resource for web development with Django and Python. I highly recommended them”—JEFF TRIPLETT, Python Software Foundation Director, DEFNA President, and REVSYS Partner. “Django for Beginners is my go-to recommendation whenever anyone asks how to learn Django. It starts with a friendly and patient approach but manages to cover all the core fundamentals, dives into deployment, and has extensive coverage of testing. If you are looking for one book to master Django, this is it!”—ANNA MAKARUDZE, former President of the Django Software Foundation. “A fantastic on-ramp to this brilliant web framework. Django for Beginners doesn’t just talk about building sites with Django, it walks you through five of them. Get in the reps!”—ADAM JOHNSON, Django Project Steering Council member and author of two intermediate Django books. “Choosing a book for your Django learning journey is a big commitment of your time and energy. That's why it matters who the author is and the intended audience. I've known Will for many years and he's deeply embedded in the Django community. He is a former Board Member of the Django Software Foundation and cohost of the 5-years running DjangoChat podcast. This means he's thought a lot about how people learn and use Django. That goes way beyond just reading the docs and doing a tutorial.” —MICHAEL KENNEDY, host of Talk Python and Python Bytes podcasts, founder of Talk Python Training.