API hacking for the Actually Pretty Inexperienced hacker with Katie Paxton-Fear - OWASP DevSlop
FOLLOW & SUBSCRIBE TO DEVSLOP
LinkedIn: https://www.linkedin.com/company/owas...
Twitter: https://twitter.com/Owasp_DevSlop
YouTube: https://www.youtube.com/c/OWASPDevSlop
DEV.TO: https://dev.to/devslop
Hosts: Nancy Gariche, Tanya Janca (@shehackspurple), Nicole Becher (@thedeadrobots)
Through the eyes of a hacker, APIs are wonderful things. They power everything from Social Media to your IoT microwave and they are full of security vulnerabilities. During this live session, Katie brings us into the world of API hacking, covering the basics:
-How hackers approach a target
-What hackers are looking for
-The general signs that they are on the right track.
She then demonstrates her approach, showing us some of the key vulnerabilities she looks for, how she exploits them and then highlighting the code responsible.
A few people have asked, here's Katie's open-source vulnerable API: https://github.com/InsiderPhD/example-for-devslop/ if you're new to laravel
1. Clone
2. composer update
4. Change the .env
5. php artisan migrate
6. php artisan db:seed
OUR GUEST: KATIE PAXTON-FEAR
Katie is a Ph.D. student in machine learning and cybersecurity. During her free time, she is an occasional bug bounty hunter and cybersecurity Youtuber. She’s found bugs in the Department of Defense, Verizon and Uber. She’s passionate about giving back to the community, producing videos on the basics of bug bounty and how to find your first bug.
You can find Katie on social media:
https://twitter.com/InsiderPhd
https://www.youtube.com/user/RapidBug
Видео API hacking for the Actually Pretty Inexperienced hacker with Katie Paxton-Fear - OWASP DevSlop канала OWASP DevSlop
LinkedIn: https://www.linkedin.com/company/owas...
Twitter: https://twitter.com/Owasp_DevSlop
YouTube: https://www.youtube.com/c/OWASPDevSlop
DEV.TO: https://dev.to/devslop
Hosts: Nancy Gariche, Tanya Janca (@shehackspurple), Nicole Becher (@thedeadrobots)
Through the eyes of a hacker, APIs are wonderful things. They power everything from Social Media to your IoT microwave and they are full of security vulnerabilities. During this live session, Katie brings us into the world of API hacking, covering the basics:
-How hackers approach a target
-What hackers are looking for
-The general signs that they are on the right track.
She then demonstrates her approach, showing us some of the key vulnerabilities she looks for, how she exploits them and then highlighting the code responsible.
A few people have asked, here's Katie's open-source vulnerable API: https://github.com/InsiderPhD/example-for-devslop/ if you're new to laravel
1. Clone
2. composer update
4. Change the .env
5. php artisan migrate
6. php artisan db:seed
OUR GUEST: KATIE PAXTON-FEAR
Katie is a Ph.D. student in machine learning and cybersecurity. During her free time, she is an occasional bug bounty hunter and cybersecurity Youtuber. She’s found bugs in the Department of Defense, Verizon and Uber. She’s passionate about giving back to the community, producing videos on the basics of bug bounty and how to find your first bug.
You can find Katie on social media:
https://twitter.com/InsiderPhd
https://www.youtube.com/user/RapidBug
Видео API hacking for the Actually Pretty Inexperienced hacker with Katie Paxton-Fear - OWASP DevSlop канала OWASP DevSlop
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Embrace Secure Defaults, Block Anti-patterns, and Kill Bug Classes with Semgrep with Clint Gibler
DevSlop Game Day Recap & Solution with Renan Dias
How To Do Recon: API Enumeration
Ethical Hacking 101: Web App Penetration Testing - a full course for beginners
SCA: Understanding and securing what's in your software supply chain with Maya Kaczorowski
Blackhat 2017: Hacking with WebSockets
Hacking JWTs for Beginners with Farah Hawa
Radio Hacking: Cars, Hardware, and more! - Samy Kamkar - AppSec California 2016
OWASP API Security Top 10 Webinar
The Bug Hunter's Methodology 2.0
Linux Tutorial for Beginners: Introduction to Linux Operating System
Q&A: Bug Bounty with Katie (InsiderPhD)
Reverse Engineering Private API's with Postman
Introducing Threats Manager Studio with Simone Curzi
APIs for Beginners - How to use an API (Full Course / Tutorial)
Google Paid Me to Talk About a Security Issue!
Orchestration with Nomad from A(rtifacts) to Z(ones) with Jacquie Grindrod!
Security Testing for Developers Using OWASP ZAP
Finding Your First Bug: Finding Bugs Using APIs