The labs are categorized according to the cryptographic types.
- API01: Broken Object Level Authorization
- API02: Broken User Authentication
- API03: Excessive Data Exposure
- API04: Lack of Resources and Rate Limiting
- API05: Broken Function Level Authorization
- API06: Mass Assignment
- API07: Security Misconfiguration
- API08: Injection
- API09: Improper Assets Management
- API10: Insufficient Logging and Monitoring