API HACKING SECRETS PART 1

Nitesh Pandey
2 min readMay 25, 2020

--

In this series, i will be teaching you my methodology of hacking API. I will share all my knowledge that i learned in the past 3 years and make 1000 dollar hacking web applications and mobile API.

Let's get started…………….

In this series, i will tell you from the very basics of hacking API the secrets that were hidden from past decades. I will share my reports and other people apis report to give you the 360-degree view of API hacking

Before moving forward let us first know the basics of API.

Because if you want to hack something you should be familiar with in and out of that thing.

In our case its the API so we should know everything about API how it works where you can find certain vulnerability etc. without this knowledge you can find some vulnerability in API but not always

so let’s get started with the basic introduction of APPLICATION PROGRAMING LANGUAGE

WHAT IS API?

API means Application programming language.

An API is a set of definitions and protocols for building and integrating application software.

In simple words it’s a service using which two applications can talk to each other.

If you need to understand more check this video on what is API?

Link:https://www.youtube.com/watch?v=BF0hvorwuWQ&t=19s

So, let’s get started with API hacking now…..

There are lots of APIs, but we will focus on only web APIs, which is only two mentioned below.

  • SOAP
  • REST APIs

Before going ahead let quickly understand the main difference between SOAP AND REST API.

SOAP(Simple Object Access Protocol)

SOAP is a protocol, and it follows a strict standard to allow communication.

SOAP uses only XML for exchanging information in its message format.

SOAP user web services like WSDL

REST (REpresentational State Transfer.)

REST is an architectural style that doesn’t follow any strict standard

REST is not restricted to XML and it can use anything like XML, JSON , PLAIN-TEXT etc

REST USES URI like path

check Part 2 for more information…………..

--

--