#apihacking search results
Day 14 — Moving on from JWT — API2: Broken User Auth 🔐 Today: switched focus to API2 (Broken User Authentication). Tried brute-forcing OTP in my lab, but DVWA/crAPI rate-limit blocked requests (api/auth/v3 enforced limits). #Day14 #APIHacking #BUSA #JWT #crAPI #MayurLearns
Unlock API hacking skills! Learn to exploit & secure APIs. Join now at Parrot CTFs Academy! #APIHacking
How I feel when someone tells me it's not possible to exploit a vuln in "that" area of the app... #apihacking #apisecurity
The first thing you should try to do after getting a foothold on an API server is exfiltrate the API artifacts. That includes config files, compiled assets (.dll/.class/.jar, etc), and raw source (.php/.js/.py/.go, etc) The code will serve you well. #apihacking #apisecurity
Day 11 — API1: Broken Object Level Auth (BOLA) 🛡️ Today I practiced BOLA (IDOR) on crAPI — found endpoints where changing an ID returned other users’ data. Lesson: always check object-level access controls. #Day11 #APIHacking #BOLA #crAPI #MayurLearns
Poor input validation is the #1 killer of APIs. Taint all the data in all the weird places and make sure it's validated correctly. #apihacking #apisecurity
💻 API Hacking Part 2 is here! Building on Part 1, this video dives deeper into API reverse engineering, vulnerability testing, and practical exploitation techniques. 📺 Watch now: youtu.be/x6ZN02G3CeE #APIHacking #CyberSecurity #AmrSec
You ever feel like you are finding the weirdest of vulns in areas you don't expect? Ya... me too. #apihacking #apisecurity #MIB
Developers love the thrill in creating new API endpoints, but they hardly secure them😐. Check out my article on introduction to API hacking.💻🔐🎭 cybershaykh.medium.com/introduction-t… @sisinerdtweets #APIs #apisecurity #APIhacking
Old tip for api hacking but still works older api version is vulnerable to BAC. GET api/v3/offers/ => 403 access denied GET api/v2/offers/ => 200 OK #bugbountytips #apihacking #Pentesting
Want to hack GraphQL APIs? Here's a basic intro to what you need to know as an ethical hacker to get started. #api #graphql #apihacking #hackingtools #hacking zerodayhacker.com/what-is-graphq…
Day 13 — Still chasing the JWT .🕵️♂️ Tried Burp Suite + online JWT editors, but still getting {"message":"JWT Token required!"} 😅 Maybe tomorrow the token gods will be kind. #Day13 #APIHacking #JWT #crAPI #MayurLearns
New Post: Autoswagger – Automated discovery and testing of OpenAPI & Swagger endpoints Autoswagger finds and tests OpenAPI/Swagger specs to expose unauthenticated endpoints, PII leaks & secrets darknet.org.uk/2025/10/autosw… #hackingtools #apihacking #apisecurity #endpointsecurity
Highly Recommend! 🛡️ Trust Me @theXSSrat FREE CAPIE API hacking course is pure gold! Master cutting-edge cybersecurity skills and stay ahead. Don’t sleep on this! 💻 Free CAPIE resources to master API hacking! Master vulnerabilities and secure APIs like a pro! #APIHacking
LEARN BRUTAL API HACKING WITH FREE CAPIE MATERIALS!!!! thexssrat.podia.com/capie-lesson-m… BOOM
It's been a tough morning testing an API. I got stuck at several points where I didn't know how to proceed. I tried everything, but nothing worked. This is also part of the learning process. #BugBounty #APIHacking
I woke up this morning feeling like hacking some APIs. Today it's time to try out some interesting injections. #BugBounty #APIHacking
Most API bugs come from things companies forgot they even had. - Old API versions still online - Hidden staging endpoints - Deprecated routes returning sensitive data This is Improper Assets Management – API9:2019 Always map. Always compare. #BugBounty #APIhacking
💬 Want a mini-tutorial on one of these tools? 👇 Comment the number (#1 to #5) or the name and I'll put it together for you. Follow me for more workflows and offensive security tips. #Pentesting #APIhacking #BurpSuite #n8n #ciberseguridad #OWASP
can you POP #XSS > tarkash.surapura.in #API #APIhacking #lab #CAPIE #APISEC #pentesting #bugbounty
Curious about API Security? Try DVAPI by Payatu — a hands-on lab to learn, break & secure APIs based on OWASP Top 10 (2023) ✅ Built-in vulns ✅ Realistic attack flows ✅ Great for demos & training 🔗payatu.com/dvapi/ #APIHacking #CyberSecurity #OWASPTop10 #DVAPI #CTF
Let me show you how to exploit embedded system APIs by dumping firmware to get access to API artifacts, including configs and source code. #apihacking #hardwarehacking #CH341A danaepp.com/exploiting-emb…
I've got a Flipper Zero. Let's have some fun with it and try to hack the API on a Wifi Pineapple embedded device. #flipperzero #apihacking danaepp.com/using-a-flippe…
Check out my step-by-step guide to writing extensions for API pentesting in Burp Suite. #apihacking #burpsuite danaepp.com/a-step-by-step…
So what does make APIs special and different? #apisecurity #apihacking #apis #pentesting 1) Interconnectedness, even if you're sure you don't have APIs, I bet your suppliers do 2) Large attack surfaces that are poorly documented, they balloon into hundreds of endpoints quickly
Anyone up for hacking an online banking API? Here’s a walkthrough of the #ParaBank deliberately vulnerable app I recently came across. #API #APIhacking #hackingapis zerodayhacker.com/parabank-walkt…
Unlock the Secrets of API Hacking! - Hands-on API security training - Identify & exploit vulnerabilities - Build a dedicated testing lab Become an API security master. hackers-arise.net/hacking-apis/ #APIHacking #Web #Security @three_cube
BOLA is the most common and one of the easiest API vulnerabilities you can exploit. Here's the story, with a couple of practical examples. #api #bola #apihacking #owasp #hacking zerodayhacker.com/what-is-bola-b…
OAuth 2.0 is an authorization protocol often used to secure access to APIs. Here's what you need to know, from an API hacker's perspective. #api #oauth2 #apihacking #hackingtools zerodayhacker.com/what-is-oauth-…
Just updated my blog post on how to test an API endpoint for SSRF. Now includes blind SSRF. Like it? #api #ssrf #apihacking #hackingtools #hacking zerodayhacker.com/testing-for-ss…