API Hacking Techniques Archives

Learn everything you need to know about how to get started writing API security tests in Javascript using Postman.

Learn how to improve the performance of your port scans against API servers with the use of Project Discovery’s Naabu scanner.

Learn how to improve your recon process with the use of apkleaks to find hidden API servers, secrets, and endpoints embedded in mobile apps.

Let me show you how Nuclei can be used for more than vulnerability scanning. Learn how to leverage it as a tool for your API hacking.

Learn how to detect API endpoints and extract source code from web app frontends using JS Miner, a FREE Burp Suite Professional extension.

Learn how to write Bambda filters in Burp Suite that can automatically detect uncommon headers in the APIs you are testing.

Learn how to use Structured Format Injection (SFI) through Server Side Parameter Pollution (SSPP) to exploit an API.

Learn how to find “dark data” in the responses to API calls you make during your security testing engagements.

Learn how to write your own Bambda filters in Burp Suite to do complex filtering of your proxy HTTP history.

Learn how to use chaos engineering to break an API on purpose to find new types of vulnerabilities that you don’t normally find in testing.

Category: API Hacking Techniques