In part 1 we have covered basic of API and Learn the basic difference between soap and rest API.

Now let us take a quick look at the WEB SERVICE COMPONENT before we move forward and see the real hacking methods.

Basically there are three web components that are used but for web application API we will be using only two one for SOAP and other for Rest API.

The documentation standard that is used for SOAP is called WSDL and the documentation standard used for REST API is WADL

WSDL -Documentation Standard for SOAP

WADL-Documentation Standard for REST

Now some of you might think instead of demonstrating some cool trick to hack API I am showing you the documentation. but later you will understand how important these two files are.

So now you know about the documentation standard of both SOAP and REST API. Lets us move forward from the next writeup we will start focusing on process and techniques to find the vulnerability in API.

I am security researcher and penetration tester.You can follow me on twitter https://twitter.com/NiteshYours and Linkedin https://www.linkedin.com/in/osintnites