Improving port scans against API servers
Learn how to improve the performance of your port scans against API servers with the use of Project Discovery's Naabu scanner. The post Improving port scans against API servers appeared first on Dana Epp's Blog.
Discovering API secrets & endpoints using APKLeaks
Learn how to improve your recon process with the use of apkleaks to find hidden API servers, secrets, and endpoints embedded in mobile apps.
5 more Burp extensions for API hacking
Check out these five Burp Suite extensions that can help your API hacking. From bypassing WAFs to generating wordlists, it can all help.
Is Nuclei any good for API hacking?
Let me show you how Nuclei can be used for more than vulnerability scanning. Learn how to leverage it as a tool for your API hacking.
5 mistakes beginners make during app recon
Learn about the five mistakes beginners make during their app recon that limit their ability to find vulns during their API security testing.
Writing API exploits in Python
Learn how to leverage curlconverter to write API exploits in Python using payloads you generated in Burp Suite.
Endpoints vs Routes: What every API hacker needs to know
Learn the difference between API endpoints and routes and how to think about it as an API hacker during your security testing.
Detecting API endpoints and source code with JS Miner
Learn how to detect API endpoints and extract source code from web app frontends using JS Miner, a FREE Burp Suite Professional extension.
Detecting Uncommon Headers in an API using Burp Bambda Filters
Learn how to write Bambda filters in Burp Suite that can automatically detect uncommon headers in the APIs you are testing.
From Tsunami to Twitter: How Rigorous API Testing Can Prevent Critical System Outages During Disasters
Restricting emergency alerts during a disaster due to rate limiting is in itself a disaster. Learn how to look for this during your API testing.