-
Attacking predictable GUIDs when hacking APIs
Learn how to predict and pwn GUIDs used in APIs.
-
API Pentesting 101: The Rules of Engagement
Learn the rules of engagement when pentesting APIs.
-
7 Essential Burp Extensions for Hacking APIs
Check out the coolest extensions to help out when hacking APIs in Burp.
-
5 big mistakes beginners make hacking APIs
Avoid these beginner mistakes as you start your API hacking journey.
-
Can SBOM help you attack APIs?
Learn how you can leverage the data in a software bill of materials (SBOM) document to find vulnerabilities in API dependencies.
-
Attacking Microsoft Graph with Postman
Learn how to use Postman to attack the Microsoft Graph API.
-
Automate your API hacking with Autorize
Learn how to find authorization vulnerabilities in APIs using Burp and Autorize.
-
How to use Azure to crack API auth tokens
Learn how to crack API auth tokens using Azure cloud computing.
-
Why API hacking is NOT a crime
API hacking is NOT a crime. Hackers are not criminals. Criminals are criminals. And if you see it any other way, you can byte me.
-
The API Hacker’s Guide to Payload Injection with Postman
Learn how to use Postman to attack APIs with payload injection.
Dana Epp's Blog
Security (de)engineering for fun and profit