Dana Epp's Blog
Security (de)engineering for fun and profit
Hacking APIs on IoT devices using a Flipper Zero
Check out these 5 simple questions that will help make your API penetration testing engagement more successful.
Let me tell you a story about the time I hacked into a .NET API through a bit of luck and reverse engineering.
Learn how to extract artifacts from OpenAPI docs using jq to help you attack APIs.
Learn how to predict and pwn GUIDs used in APIs.
Learn how you can leverage the data in a software bill of materials (SBOM) document to find vulnerabilities in API dependencies.
Learn how to find authorization vulnerabilities in APIs using Burp and Autorize.
Learn how to hack APIs by exploiting authorization vulnerabilities.
Learn 3 tricks that can help you discover the language an API was written in.
How to use OWASP guidance as your API security testing blueprint.