Dana Epp's Blog
Security (de)engineering for fun and profit
Learn 3 tricks that can help you discover the language an API was written in.
Learn how API keys and tokens are being baked into mobile apps, and how you can win on #redteam because of this oversight.
Learn about the careers you can get into to make money hacking APIs.
When APIs are used as binary bullets in cyber warfare, we should all take notice. Read up on the latest hacks in the Anonymous vs Russia saga.
Learn how to use cURL in your exploits and demonstrate impact to the API vulnerabilities you find.
How to use OWASP guidance as your API security testing blueprint.
How to get started with web API security testing.