Dana Epp's Blog
Security (de)engineering for fun and profit
Let’s explore the latest book by Packt Publishing on “Pentesting APIs” and see if it’s worth putting on an API hacker’s bookshelf.
Learn how to cross-reference Known Exploited Vulnerabilities (KEV) against CWE to find the best attack vectors to use during security testing.
Learn how to write exploits that take advantage of blind command injection vulnerabilities using a time-delayed boolean oracle attack.
Learn five tips that will help improve the API exploits you submit into security triage as part of your vulnerability research.
Learn how to use MITRE’s Common Weakness Enumerations (CWE) entries to level up your vulnerability reports.
Learn how to fuzz JSON to find security vulnerabilities in the APIs you are hacking with the help of a custom wordlist and Param Miner.
Learn why HTTPie is a great replacement for curl and how to use it when conducting your own API security testing.
Learn why Human Application Security Testing (HAST) is important to API hackers.
Learn how to write Burp Suite extensions using the new Montoya API with Kotlin and Visual Studio Code (VS Code).
Check out these five tips to help you pick your first target when starting bug bounty hunting against APIs.