Discovering vulnerable endpoints on API / Websites

Introduction Recently we had to do a security audit on a client’s API. However the documentation was very poor. After using some basic tools such as Zed Attack Proxy or Golismero. The report though kept haunting me for one reason when I was working on the API I realized that the error page had some […]

Read more