Dana Epp's Blog
Security (de)engineering for fun and profit
Learn how to hack APIs by exploiting authorization vulnerabilities.
Check out the 5 essential books that every API hacker should read and keep on their bookshelf.
Hacking APIs for fun and profit requires you to know how long to stay on target and when to give up. Let’s discuss.
Learn how to reverse engineer an undocumented API using your own rogue docs.
Learn 3 tricks that can help you discover the language an API was written in.
Learn how API keys and tokens are being baked into mobile apps, and how you can win on #redteam because of this oversight.
Learn about the careers you can get into to make money hacking APIs.
When APIs are used as binary bullets in cyber warfare, we should all take notice. Read up on the latest hacks in the Anonymous vs Russia saga.
Learn how to use cURL in your exploits and demonstrate the impact of the API vulnerabilities you find.
How to use OWASP guidance as your API security testing blueprint.