Category: API Hacking Fundamentals

• May 16, 2023

  How to get started as an API hacker

  

  Gain the necessary knowledge and skills you need to find your first security vulnerability in the APIs you are testing.
• May 2, 2023

  The Security Researcher’s Guide to Reporting Vulnerabilities to Vendors

  

  Learn how to avoid conflict when you approach a company and report a vulnerability you found as a security researcher.
• March 21, 2023

  Why writing API exploits is important when reporting vulnerabilities

  

  Learn why it’s important to include a working exploit in your vulnerability report and how to protect it so others don’t weaponize it.
• February 21, 2023

  Analyzing Your Existing API Testing Through a Security Lens

  

  Learn how to look at your API testing through a security lens to get the best code coverage and approach it with offensive security in mind.
• January 3, 2023

  3 training resources to improve your API hacking tradecraft

  

  Check out these three training resources that can help you with your API hacking tradecraft.
• December 20, 2022

  How to use OAST to detect vulnerabilities in an API

  

  Learn how to use out-of-band application security testing (OAST) to find more complex vulnerabilities in the APIs you test.
• November 29, 2022

  3 reasons why QA people should get into API hacking

  

  Learn three reasons why QA people should get into API hacking to help secure their company’s apps.
• November 22, 2022

  Tracing API exploitability through code review and taint analysis

  

  Learn how to find exploitable vulnerabilities in your APIs using taint analysis.
• November 1, 2022

  API Pentesting 101: The Rules of Engagement

  

  Learn the rules of engagement when pentesting APIs.
• October 11, 2022

  How to use Azure to crack API auth tokens

  

  Learn how to crack API auth tokens using Azure cloud computing.