You're welcome! I think a lot of people get intimidated by seeing JSON/XML and don't really know what to do, so I wanted to make this so people can really get into API hacking with me! Especially with future videos covering APIs!

InsiderPhD totally!! I know with me, API’s are really intimidating and it’s definitely a weak point in my websec knowledge! So these videos are a great help

😊😊😊😊😊😊 thank you I’m really trying to improve everything I can

Your vote has been noted!

@@InsiderPhD Hey, I have a question. So what if I can change the content type to application/xml, and it accepts it, but when I try a blind xxe to get a url, the request originates from my ip address. I got it to send a request, but instead of server side, it's from my ip address. Does that mean it's not vulnerable? I've tried other payloads but they don't work.

I’m not familiar with it! The only platform I do have experience with is Pentesterlab and I do recommend that one with a *. I’ll ask around and see!

@@InsiderPhD on the 20th of this month, they'll be having s seminar about their new Cyber Security course, I'll stay tuned. Thanks for your help.

I did a poll and some of the discussions resolved around feeling intimidated by APIs and JSON, I wanted to get a video out there just in case esp as I’m doing a ton of videos on API hacking!

Yup! I worked hard on that damn thing so I’m going to expand it! It has a few new vulns for a blind XSS now :D!

Send me a @ on twitter for your prize :)

@@InsiderPhD it's @yaboi_kryp2o

No stupid questions here! An endpoint is like a URL that does something so KZbin.com/watch?v=whatever resolves into a video but KZbin.com/watch doesn’t do anything so that’s not an endpoint A directory actually stores stuff, so think the files for the videos KZbin, but you usually need a direct link unless you can see into the folder. Hope that helps!

@@InsiderPhD Haha thank you !! this cleared me !! your video motivates me to learn more and more :!!

No, but I think university is useful for other reasons, to meet people, be exposed to lots of different careers and to broaden your horizons!

InsiderPhD thank you I’m doing a course & I was worried if I need to go to school too & I wasted my time

You see it a lot in mobile apps, but keep an eye out for app that automatically refresh like yahoo mail or apps with a lot of client activity, APIs are great places to find JSON

Hello Mam, I have seen your videos but I don't have laptop how can I find through mobile phone. Can you please help me.

You'll get first soon ;)

No problem 😊