Dana Epp's Blog
Security (de)engineering for fun and profit
Check out these three training resources that can help you with your API hacking tradecraft.
Learn how to use out-of-band application security testing (OAST) to find more complex vulnerabilities in the APIs you test.
Learn three reasons why QA people should get into API hacking to help secure their company’s apps.
Learn how to find exploitable vulnerabilities in your APIs using taint analysis.
Learn the rules of engagement when pentesting APIs.
Learn how to crack API auth tokens using Azure cloud computing.
Check out the 5 essential books that every API hacker should read and keep on their bookshelf.
Learn how API keys and tokens are being baked into mobile apps, and how you can win on #redteam because of this oversight.
How to get started with web API security testing.