Dana Epp's Blog
Security (de)engineering for fun and profit
Learn how to predict and pwn GUIDs used in APIs.
Learn the rules of engagement when pentesting APIs.
Check out the coolest extensions to help out when hacking APIs in Burp.
Avoid these beginner mistakes as you start your API hacking journey.
Learn how you can leverage the data in a software bill of materials (SBOM) document to find vulnerabilities in API dependencies.
Learn how to use Postman to attack the Microsoft Graph API.
Learn how to find authorization vulnerabilities in APIs using Burp and Autorize.
Learn how to crack API auth tokens using Azure cloud computing.
API hacking is NOT a crime. Hackers are not criminals. Criminals are criminals. And if you see it any other way, you can byte me.
Learn how to use Postman to attack APIs with payload injection.