Request a Demo Contact Us
Visit Us At Gartner Security & Risk Management Summit From June 5-7 At Booth #1059
Register Now

API Security Testing For Hackers


In this talk, I will be discussing the primary domains of API security, with notable examples of security flaws for each. I will also discuss some basic methodology for testing and fuzzing services, by approaching with educated guesses to how the backend actually works. Finally, I will discuss two major bugs that I was involved in finding, and the domains in which they fall under, discussing methodology and impact. I plan to have a follow up page on my website with links to resources for people who want to explore this space more. This talk is aimed more at the beginner audience, with some intermediate concepts involved.

More resources


Hidden in Plain Site: Disclosing Information via Your APIs

Learn More

Inside Look on Crowdsourced Security: Founder AMA

Watch Now
Security Flash

Microsoft TCP/IP Vulnerability: What You Need To Know

Watch Now

Get Started with Bugcrowd

Every minute that goes by, your unknown vulnerabilities leave you more exposed to cyber attacks.