SilverStr

Dana Epp's Blog

Security (de)engineering for fun and profit

  • November 8, 2022

    Attacking predictable GUIDs when hacking APIs

    Learn how to predict and pwn GUIDs used in APIs.

  • November 1, 2022

    API Pentesting 101: The Rules of Engagement

    Learn the rules of engagement when pentesting APIs.

  • October 28, 2022

    7 Essential Burp Extensions for Hacking APIs

    Check out the coolest extensions to help out when hacking APIs in Burp.

  • October 25, 2022

    5 big mistakes beginners make hacking APIs

    Avoid these beginner mistakes as you start your API hacking journey.

  • October 21, 2022

    Can SBOM help you attack APIs?

    Learn how you can leverage the data in a software bill of materials (SBOM) document to find vulnerabilities in API dependencies.

  • October 18, 2022

    Attacking Microsoft Graph with Postman

    Learn how to use Postman to attack the Microsoft Graph API.

  • October 14, 2022

    Automate your API hacking with Autorize

    Learn how to find authorization vulnerabilities in APIs using Burp and Autorize.

  • October 11, 2022

    How to use Azure to crack API auth tokens

    Learn how to crack API auth tokens using Azure cloud computing.

  • October 7, 2022

    Why API hacking is NOT a crime

    API hacking is NOT a crime. Hackers are not criminals. Criminals are criminals. And if you see it any other way, you can byte me.

  • October 4, 2022

    The API Hacker’s Guide to Payload Injection with Postman

    Learn how to use Postman to attack APIs with payload injection.
