New OWASP API Top 10 for Hackers

Views: 8,724

InsiderPhD

A day ago

Blog article isn’t done yet but I’ll get it up ASAP!
Today we explore the new OWASP API Top 10 in detail. The new version is much more hacker-friendly and focuses on bugs we can find rather than on defenders, but how can we start to study these bugs and actually find them? Let’s take a look at some of the changes in the new OWASP API Top 10 2023, which ones I recommend for beginners just starting out with API hacking, and when to look out for specific bugs.
There are a ton of vulnerabilities out there, like Prototype Pollution, SQL Injection, and remote code execution. And while they can be fun to exploit during CTFs, when they are lurking in our code… it’s not as fun.
But that’s where our sponsor Snyk comes in - Snyk scans your code, dependencies, containers, and configs, all in real time. Snyk not only finds but also fixes vulnerabilities on the fly.
You can try it out yourself by signing up for free using my link, snyk.co/insiderphd. Import your repos, and voilà - Snyk identifies vulnerabilities, ready for you to fix with a simple click. It even opens fix PRs, so you can merge and get back to what you do best - coding (or hacking… ethically that is!).
Plus, it does it all from your existing toolkit - IDEs, CLI, repos, pipelines, Docker Hub, and more.
So check it out and find out if there are any vulnerabilities affecting your projects. It’s free forever so sign up using my link snyk.co/insiderphd

Comments: 26
@shiiswii4136 7 months ago
Amazing video. So many people only talk about the surface level of bug finding; there's not enough information on the actual functional testing and specific places to search, like in this video.
@Pubgucxxxx 7 months ago
Love from UZBEKISTAN💌
@InsiderPhD 7 months ago
I THINK you might be the first viewer from Uzbekistan (that I know of anyway)!
@MFoster392 7 months ago
You're the best!! I hope you have a healthy and happy 2025 young lady :-)
@shauncollins1280 5 months ago
This person is from the future
@user-gl5hy8ep4z 7 months ago
need more about this topic
@orbitxyz7867 7 months ago
Mam please also continue bug bounty zero to hero series
@InsiderPhD 7 months ago
Next episode is coming out tomorrow :)
@saikirangoud118 12 days ago
great video
@anukiranghosh637 2 months ago
Great video! Is the blog article up yet?
@comosaycomosah 7 months ago
oh sweet haven't seen these changes yet
@tsuryu 5 months ago
love from a college student in the philippines! thank you for this
@eyephpmyadmin6988 6 months ago
I'd love to see some more videos, maybe one of you going through a ctf/bug bounty live. Seeing that live recon helps a lot
@InsiderPhD 5 months ago
Definitely something I’ll be doing more of!
@SohaibKhan-hp1oe 4 months ago
Amazing content amazing explanation love from Pakistan
@PoRkch0p523 7 months ago
🎉🎉🎉🎉🎉
@Safvanviber-xm3pn 7 months ago
❤❤
@bigboycdznutz2079 6 months ago
What are common vulnerabilities I would find in a COTS product like Salesforce CRM's APIs?
@InsiderPhD 6 months ago
Access control, enterprise APIs are full of them and they’re a huge moneymaker for a lot of hackers
@jxkz7 7 months ago
Mam can you tell me which books I need to refer to for API hacking, not outdated, please
@InsiderPhD 6 months ago
All books are out of date the minute they are published I’m afraid
@jxkz7 6 months ago
@InsiderPhD Okay mam can you suggest some best books out there for me as a beginner
@user-ti6zo2hf8t 7 months ago
hi
@shingareom 7 months ago
Please reply to me 😢..
@InsiderPhD 7 months ago
👋
@shingareom 7 months ago
@InsiderPhD 🎉