Category: API Hacking Techniques

• March 28, 2023

  How Adversaries Attack APIs Through Dependencies

  

  We must become curators of API dependencies, NOT consumers!!
• February 14, 2023

  Exploiting embedded APIs by dumping firmware

  

  Hack the hardware to find the firmware and swipe the source code of APIs under security testing.
• January 31, 2023

  Using a Flipper Zero to access API source code on IoT devices

  

  Hacking APIs on IoT devices using a Flipper Zero
• January 10, 2023

  5 simple questions to make your API pentest more successful

  

  Check out these 5 simple questions that will help make your API penetration testing engagement more successful.
• December 27, 2022

  Hacking a .NET API in the real world

  

  Let me tell you a story about the time I hacked into a .NET API through a bit of luck and reverse engineering.
• December 6, 2022

  How to extract artifacts from OpenAPI docs to help attack APIs

  

  Learn how to extract artifacts from OpenAPI docs using jq to help you attack APIs
• November 8, 2022

  Attacking predictable GUIDs when hacking APIs

  

  Learn how to predict and pwn GUIDs used in APIs.
• October 21, 2022

  Can SBOM help you attack APIs?

  

  Learn how you can leverage the data in a software bill of materials (SBOM) document to find vulnerabilities in API dependencies.
• October 14, 2022

  Automate your API hacking with Autorize

  

  Learn how to find authorization vulnerabilities in APIs using Burp and Autorize.
• September 30, 2022

  How to find access control issues in APIs

  

  Learn how to hack APIs by exploiting authorization vulnerabilities.