Channel | Publish Date | View Count |
---|---|---|
OWASP DevSlop | 2020-05-04 06:21:55 | 101,249 Views |
LinkedIn: https://www.linkedin.com/company/owas…
Twitter: https://twitter.com/Owasp_DevSlop
YouTube: https://www.youtube.com/c/OWASPDevSlop
DEV.TO: https://dev.to/devslop
Moderators: Nancy Gariche, Tanya Janca (@shehackspurple), Nicole Becher (@thedeadrobots)
From a hacker's perspective, APIs are wonderful things. They power everything from social media to your IoT microwave, and they're riddled with security vulnerabilities. During this live session, Katie introduces us to the world of API hacking and covers the basics:
- How hackers approach a target
- What hackers are looking for
- The general signs that you are on the right track
She then demonstrates her approach, showing us some of the key vulnerabilities she looks for, how she exploits them, and then highlights the code responsible for them.
Some people have asked, so here is Katie's open source API for vulnerable applications: https://github.com/InsiderPhD/example-for-devslop/. If you are new to Laravel, the steps are:
1. Cloning
2. Composer update
4. Change the .env
5. Migrate PHP Artisan
6. php artisan db:seed
OUR GUEST: KATIE PAXTON-FEAR
Katie is a PhD student in machine learning and cybersecurity. In her spare time, she is an occasional bug bounty hunter and cybersecurity YouTuber. She has found bugs at the Department of Defense, Verizon, and Uber. She is passionate about giving back to the community and produces videos on bug bounty basics and how to find your first bug.
You can find Katie on social media:
https://twitter.com/InsiderPhd
https://www.youtube.com/user/RapidBug