all InfoSec news
5 Methods I Use To Discover APIs
InfoSec Write-ups - Medium infosecwriteups.com
While working on a target, some of the most interesting parts to test is its API. APIs are dynamics, they get updated more often then other parts of the application and are responsible for many of the backend heavy lifting. In modern applications we usually see REST API, but also other forms like GraphQL and even SOAP.
When we first approach a target, we have a lot of research to do in order to understand its main functions and how …
api apis application applications backend bug bounty discover forms hacking parts pentesting red team responsible rest rest api target test working