Dana Epp's Blog
Security (de)engineering for fun and profit
Write your own extensions in Python to pwn your API targets with BurpSuite
Learn how to extract API artifacts from a docker image and decompile them to source code to find vulnerabilities using taint analysis.
Check out the coolest extensions to help out when hacking APIs in Burp.
Learn how to use Postman to attack the Microsoft Graph API.
Learn how to use Postman to attack APIs with payload injection.
Learn how to reverse engineer an undocumented API using your own rogue docs.
Learn how to use cURL in your exploits and demonstrate impact to the API vulnerabilities you find.