Blogs / Articles / Presentations:
https://speakerdeck.com/riyazwalikar/api-security-testing-null-bangalore-janua
https://medium.com/@inonst/31-tips-api-security-pentesting-480b5998b765
https://medium.com/bugbountywriteup/bounty-tip-easiest-way-to-bypass-apis-rate-limit-f984fad40093
https://bendtheory.medium.com/finding-and-exploiting-unintended-functionality-in-main-web-app-apis-6eca3ef000af
https://labs.detectify.com/2021/08/31/go-fuzz-yourself-how-to-find-more-vulnerabilities-in-apis-through-fuzzing-whitepaper-download/
Writeups:
https://drive.google.com/file/d/1iMGqUUpaiQrEys4IOETwgxti8AiShomZ/view
Checklist:
https://github.com/shieldfy/API-Security-Checklist
https://hackanythingfor.blogspot.com/2020/07/api-testing-checklist.html?spref=tw
Videos:
https://www.youtube.com/watch?v=gx-eKashKvs&feature=youtu.be
https://www.youtube.com/watch?v=qqmyAxfGV9c&feature=youtu.be
Tools:
https://github.com/ngalongc/openapi_security_scanner
Tweets:
https://github.com/dwisiswant0/apkleaks
Last updated 2 years ago
