Dana Epp's Blog
Security (de)engineering for fun and profit
Learn how to leverage the Big List of Naughty Strings (BLNS) to break APIs using nothing more than Postman.
Learn everything you need to know about how to get started writing API security tests in JavaScript using Postman.
Learn how to improve the performance of your port scans against API servers with the use of ProjectDiscovery's Naabu scanner.
Learn how to improve your recon process with the use of apkleaks to find hidden API servers, secrets, and endpoints embedded in mobile apps.
Check out these five Burp Suite extensions that can help your API hacking, from bypassing WAFs to generating wordlists.
Let me show you how Nuclei can be used for more than vulnerability scanning. Learn how to leverage it as a tool for your API hacking.
Learn about the five mistakes beginners make during their app recon that limit their ability to find vulns during their API security testing.
Learn how to leverage curlconverter to write API exploits in Python using payloads you generated in Burp Suite.
Learn the difference between API endpoints and routes and how to think about it as an API hacker during your security testing.
Learn how to detect API endpoints and extract source code from web app frontends using JS Miner, a FREE Burp Suite Professional extension.