"Course helped me earn bounties and I discovered 20+ bugs.
Before I was not following methodologies that’s why it was getting hard to find bugs.
I like methodology taught in course and obviously XXE and Presentations, clear voice, less and interesting content.
I got xxe and privilege escalation (idor) and scored my first 4 digit bounty.
Yes I will recommend this course, because this will help them to learn about the background concept. It’s one of the best course."

Pratik Yadav

Student, India

"After using this course I feel confident while testing APIs. I liked the methodologies and explanation. It helped me to find bugs on different projects.
While comparing to other similar courses, I would say that this course is worth every penny.
I would recommend this course as it’s very systematic and clear to follow."


Product Security Engineer, India

"I was new to API testing, no one was able to share their methodology, hence needed some entry point to know what API testing consists of.
Before the course I was clueless about how to proceed with the testing, but after the course those 3 main points helped me in what to do after we get the API url.
The course helped me to pentest APIs for my client engagements, the methodology helped me in discovering hidden endpoints and methods allowed. Have not yet tried it for bug hunting, will try it soon.
After using this course for a while, I found there is no other course which I know of which offers such comprehensive walkthroughs.
I liked case studies.
It also Added value to my skills, followed a set methodology, and case studies which help in relating to real world scenarios
Yes, I would recommend it because of the clear explanation it offers. Case studies are an added bonus."

Kshitij Tandel

Senior Consultant, India

"After few weeks of using the course, I Learnt a Good Approach on looking into API detailing.
I like methodologies
I also like Labs, Good Narration and walkthrough on video materials.
After going through the course I was able to find few more bugs in my daily pentest activities.
I guess, there is no much training courses available for REST API pentesting. By far its a good one."


Senior Security Consultant, India

"This course helped me earn bounties.
The reason I bought this course because I wanted to learn new methodology for specific kind of testing such as Api testing
After using this course for a while, I feel more organised when testing api.
I like methodologies and examples of real bugs.
This course shares methodologies, step by step demonstration which works with real bug found on bug bounty programs which no other similar course does.
I would recommend this course as it is quite interesting."


Full Time Pentester/Ethical Hacker

"This course helped in my pentesting job.
I like the tricks covered.
I got new knowledge, appreciation in job and bounties.
Using this course I increased my API security knowledge.
I would say that this course is good over other courses.
I would recommend this course because it is good and many people don't have this kind of knowledge which you have provided and such knowledge is required In Today's security domain. "

Kunal Khadse

Senior Security Analyst, India

"This course helped me with my job.
After using this course for few weeks, now I More focused with headers , auth type , response code.
I like Availability 24/7 of the lab, resource for reading, tools described on course.
Other course are just repeated course with DVWA and different instructor but this course is different than other courses, it teach modern web apps, give you the methodologies for testing each vulnerability."

Hany Obied

Penetration Tester

“This course is far more better than other courses which are available now.
I liked Labs, in-depth knowledge on each and every attack, approach.
Yes I will recommend this course to my friends who are keen to enter into application security field. It’s amazing course.”


Application Security Engineer, India

“I googled a lot and pieced together techniques. Now after taking the course I feel like I have a solid game plan and methodology.
I was able to really apply methods learned to pentest engagements
While comparing to other courses, I have not seen any other course that focuses on API testing like this one.
I would recommend this course as it is one of the few API focused courses
It is well put together with Labs and Real world examples that can be applied in most situations.”

Jaime Rodriguez

Head of Offensive Security, United States

“After going through this course I feel comfortable with testing APIs. Course features good case studies and gives a good idea about how to test API. I would recommend this course to beginners.”


Security Engineer

"I feel this course is amazing. I like methodologies taught in the course.
I was able to find Idors after using this course.
I would recommend this course because it’s amazing."

Saad Ahmed


“The course is very informative and the flow is easy to follow.
Compared with other courses, this course is very to the point and not a lot of fluff, this makes it easy to follow and go back to as a
reference. I would recommend this course as a reference and to
beginners to learn API hacking.”

Kyle Cohne

Security Analyst, USA

“With this course, I learnt how to quickly approach a target and I was able to improve speed. I like all the course content.
Comparing with other courses, this course got Good labs and Case studies.
Yes! I would recommend this course.”


Student, India

"I never looked at API stuff because I was too lazy to find logical bugs and all. But the course provides a very good insight for finding logical bugs including finding hidden endpoints, privilege escalations and other business logic flaws and Pranav shares his own methodology that he build over years
The course was very good even for a beginner's perspective. It starts from the very basics of REST APIs to finding and exploiting vulnerabilities in APIs. That along with the case studies on various bugs found by Pranav on big companies like Facebook is a good example that how complex it could be to secure APIs and how important it is to know how to hack APIs from bug hunter's perspective
I would definitely recommend this course to anyone who wish to learn API security including developers and bug bounty hunters. Since a large part of a web application is its API."

Rahul Maini

Security Engineer

"The technique which I was aware about now after this course I got many different ways which i can try to get some fruitful bugs. It helped me a lot to enhance my skill sets.
I love the structure of labs and methodologies used in the course. Skill sets will be improved and ever green methods described in the course.

The trainer got the learning message in the course by breaking everything down into simplified sections making it very easy to understand different hacking methods. He gave a broad range of examination criteria and had a very good knowledge of the standards.

A very good mixture of theoretical and practical training. The trainer was able to explain difficult methodology to understand subjects in very simple terms.
Yes. I would definitely recommend this course. The syllabus was excellently delivered, all aspects were clearly explained and in context."

Nilesh Sapariya

Security Lead, Dubai

"After taking this course major change was approach and mindset to API testing. I like simple and accurate methodologies
Moreover, course is targeted for bug bounty but it helps in normal pentesting as well. My API pentesting approach changed.
When I compare this course with others, this course unique of its own specific format and approach described. No boring content is added which make course more connected and easy to remember methodologies for a long time.
Yes I will recommend this course to my friends who wants to learn API hacking.
This is one of the best and unique for course for API Pentesting."

Prakash Suthar

Principal Security Consultant, India