API Hacking Tools

Learn how to use upstream residential and mobile proxies in Burp Suite to evade IP blocking during your API security testing. The post Evade IP blocking by using residential proxies appeared first ...

Learn how to improve your API discovery with a custom Burp Suite extension dedicated to automatically finding API document artifacts for you. The post Hacking API discovery with a custom Burp extension ...

Learn how to set up your hacking environment to attack mobile apps & APIs running on modern versions of Android with Burp Suite. The post Hacking Modern Android Mobile Apps & APIs ...

Gain a competitive edge over other security researchers by detecting changes to APIs before others even know about them by using oasdiff. The post Detecting new API endpoints with oasdiff appeared first ...

Learn how to fuzz JSON to find security vulnerabilities in the APIs you are hacking with the help of a custom wordlist and Param Miner. The post Fuzzing JSON to find API ...

Learn how to use Param Miner to find hidden parameters that may help manipulate an API in unintended ways, revealing potential security flaws. The post Finding hidden API parameters appeared first on ...

Learn how to weaponize API discovery metadata to improve your recon of the APIs you are hacking or conducting security testing on. The post Weaponizing API discovery metadata appeared first on Dana ...

Learn why HTTPie is a great replacement for curl and how to use it when conducting your own API security testing. The post Hacking APIs with HTTPie appeared first on Dana Epp's ...

Learn how to improve your application security code reviews with the help of tools like graudit. The post 3 ways to improve appsec code auditing with graudit appeared first on Dana Epp's ...

Learn how to write Burp Suite extensions using the new Montoya API with Kotlin and Visual Studio Code (VS Code) The post Writing Burp extensions in Kotlin appeared first on Dana Epp's ...