😈 The API Hacker Inner Circle
Helping developers, testers, and hackers improve their approach to appsec and find vulnerabilities in their apps and APIs before their adversaries do. Interested to know more? Subscribe to my newsletter below!
🗓️ The API Hackers' Month in Review - January 2025 👀
Hey friend 👋, Is it just me, or did it just feel like January would never end? You know it's slow when you've debugged your entire life in between sips of coffee - and realize you still haven't hit February yet. But February is now upon us. It's the best month since you can buy chocolate for half off... on February 15th, and get wasted. (Don't tell my trainer... *lol*) In all honesty, part of January's seemingly slow doldrum comes from some of the reading and research I've been up to. I've...
🗓️ The API Hackers' Year in Review - 2024 🎄🥳
Happy New Year! 🎉 I trust you had a great holiday season and brought in the New Year with a bang. 2024 has been an interesting year. Anyone else feel that way? Over the holidays I have been catching up on reading and just finished Offensive Security Using Python. It's a hands-on guide to help build custom pentesting and red team tools using Python, along with tooling for threat detection and incident response. I found the book tries to cover too much, and doesn't go into enough depth into any...
🗓️ The API Hackers' Month in Review - November 2024 👀
Hey friend 👋, Well... is it just me... or did November vanish faster than the Millennium Falcon making the Kessel Run in under 12 parsecs? I mean, I'm still getting over the sugar high from Halloween for chr*sts sake. And now it's December. I got a bunch of reading done in November, especially during those terrible storms. The big read was Pentesting APIs: A practical guide to discovering, fingerprinting, and exploiting APIs. I had mixed feelings about this book. As I have already reviewed it...
🗓️ The API Hackers' Month in Review - October 2024 👀
Hey friend 👋, Wow. October disappeared faster than a ghost at dawn – one minute it was haunting, the next it was history! Speaking of ghosts, did you have a cool Halloween costume this year? I thought about going as "The Great Pumpkin"... ... ok, maybe not the best idea I've had. Anyway, as I gorge on some of this halloween candy while in the city, I am staring at a book I picked up last month that you might find interesting. It's called the Web Hacking Arsenal: A Practical Guide to Modern...
🗓️ The API Hackers' Month in Review - September 2024 👀
Hey friend 👋, Wow. It sure felt like we fell into fall pretty fast. Say that three times fast. 🍂 🍁 With September behind us, its time to look back and review what has been done. Before I do that though, remember in last week's newsletter when I mentioned the NSA's new podcast called No Such Podcast? A few of you sent me notes that you loved learning about it. Some of you have already listened to all of the episodes. But I've got something better for you. I've recently been reading Code...
🗓️ The API Hackers' Month in Review - August 2024 👀
Hey friend 👋, Well, I said I was talking most of August off. And I did. So this month in review doesn't include a lot of new articles. But lots of stuff did happen. First, we moved into our new oceanfront villa. That's been a game changer. I haven't had such long and deep sleeps in years. It's so calm and quiet here. And, who doesn't want a home office view like this? 👉🏻 It gave me lots of time to just sit, think, and read. In fact, I read a fascinating book on that deck in just a couple of...
🗓️ The API Hackers' Month in Review - July 2024 👀
Hey friend 👋, Summer is in full swing. Sunburns are in full effect. Wild fires are fully engulfing our forests. And the hottest thing yet... the latest Deadpool movie finally hit theatres. I get it. You probably have been really busy in July. I know I was. Five articles. Three presentations. And one research paper that included a new custom Burp extension that I'm not allowed to talk about. (Ya, it's that dark. And pure Kotlin code). Speaking of "dark", I read a really interesting book in...
🗓️ The API Hackers' Month in Review - June 2024 👀
Hey friend 👋, WTF, where did June go? I swear I blinked, and it was gone. Apologies for this newsletter not arriving yesterday. It was Canada Day, and I was out being loud and proud. (Sorry... couldn't resist. 🇨🇦) In all honesty, I was sitting quietly eating cookies and catching up on some reading. And not some funky flavour of Oreos (albeit they have some great Maple Cream Oreos out there), but some patriotic Maple Leaf Peek Freans. IYKYK. Canadians prefer Birthday cookies (or Nanaimo bars...
🗓️ The API Hackers' Month in Review - May 2024 👀
Hey friend 👋, Wow, did May go by fast. I think these months need to start getting rate-limited so I can actually keep up. I have to admit though, members of the inner circle have kept me going. First, Stephen sent me this... I got a chuckle from that. And then Viktor shared with me a new flavor he came across... WTF? Who would eat that? I'm all for hacking late at night with a plate of cookies, but damn. Silliness aside, the last thing we want is kids seeing that. You just never know these...
🗓️ The API Hackers' Month in Review - April 2024 👀
Hey friend 👋, April has been a bit intense. Ya, it started with jokers putting toothpaste in our Oreos. 🤢 It ended with some well-deserved R&R on the beaches of the West Coast of Vancouver Island. I can't complain too much; I mean, I was also introduced to Churro Oreos... I can't believe these are a thing... ... and it ended with long walks along the beach... Walking along Cox Bay for a week isn't a bad way to decompress... While I was away, I got to finish reading Pegasus: How a Spy in Your...
Helping developers, testers, and hackers improve their approach to appsec and find vulnerabilities in their apps and APIs before their adversaries do. Interested to know more? Subscribe to my newsletter below!