Blogs / Articles / Presentations:
https://speakerdeck.com/riyazwalikar/api-security-testing-null-bangalore-janua
https://medium.com/@inonst/31-tips-api-security-pentesting-480b5998b765
https://medium.com/bugbountywriteup/bounty-tip-easiest-way-to-bypass-apis-rate-limit-f984fad40093
https://bendtheory.medium.com/finding-and-exploiting-unintended-functionality-in-main-web-app-apis-6eca3ef000af
https://labs.detectify.com/2021/08/31/go-fuzz-yourself-how-to-find-more-vulnerabilities-in-apis-through-fuzzing-whitepaper-download/
Writeups:
https://drive.google.com/file/d/1iMGqUUpaiQrEys4IOETwgxti8AiShomZ/view
Checklist:
https://github.com/shieldfy/API-Security-Checklist
https://hackanythingfor.blogspot.com/2020/07/api-testing-checklist.html?spref=tw
Videos:
https://www.youtube.com/watch?v=gx-eKashKvs&feature=youtu.be
https://www.youtube.com/watch?v=qqmyAxfGV9c&feature=youtu.be
Tools:
https://github.com/ngalongc/openapi_security_scanner
Tweets:
https://github.com/dwisiswant0/apkleaks
Last updated 4 years ago