Dana Epp, Author at Dana Epp's Blog

Learn how to bypass API rate limiting security controls using IP rotation in Burp Suite via Amazon API Gateway.

Explore five ways that you can improve your GraphQL hacking skills, and learn how to practice your newly found skills in a safe way.

Learn how to use the AI in Eyeballer from BishopFox to help identify interesting targets during recon of your web apps & APIs.

Learn how to use adversarial thinking with OWASP and MITRE to better approach security testing of your web apps and APIs.

Learn how to prove API exploitability through the use of the Burp Collaborator for out-of-band application security testing (OAST).

Learn how to leverage the Exploit Prediction Scoring System (EPSS) to identify the vulnerabilities in your APIs that are most exploitable.

Learn how to create mind maps that can help you improve your API hacking methodology during security testing and pentest engagements.

Learn how to use contextual discovery and path prediction to find hidden API endpoints during your security testing.

Explore using the no-code programming environment in Postman Flows to visually design and run API exploits as part of your security research.

Learn why API hacking should be an important and critical component of your web app security testing process.

Author: Dana Epp