blob: 945c893a46623dd645a1922dd5cb5035be5c52cd (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
+++
title = "Technical book review: Hacking APIs"
author = ["Michał Sapka"]
date = 2024-01-19T20:01:00+01:00
categories = ["blog"]
draft = false
weight = 2001
abstract = "Short impression of 2600 magazine"
+++
{{< img-r "hacking-apis.jpg" >}}
Cover
{{< /img-r >}}
I am a software developer with a new-found interest in security.
Childhood spent watching hacking-related entertainment didn't go to waste.
When I saw the _hacking_ humble bundle, I knew I needed it.
My first read[^fn:1] from that bundle was not a love at first sight I expected it to be.
Luckily, _Hacking APIs_ is a completely different beast.
The title says it all: it's about hacking web APIs.
The target audience seems to be aspiring pentesters.
I may even say that no prior experience is expected, as the author explains _a lot_.
You will learn how those APIs work, what to look when testing them and how to exploit them.
The book gives a really nice overview of most common vulnerabilities types, giving me new ways to be smug.
It is always welcomed.
Still, I will not benefit from a huge part of this book as it reads like a commercial for Burp Suite.
Yes, it is a standard and learning what one can do with it is great.
But I am not a pentester, so I will not need all that practical knowledge.
It's a great exercise for me, nothing more.
It will also come in handy if I decide to switch trades.
Highly recommended book!
## Meta {#meta}
- Read as PDF on Onyx Boox Note Air 2.
- Issues bought from Humble Bundle
- Next up: back to "Absolute FreeBSD".
[^fn:1]: [Cybersecurity for Small Networks](/blog/2023/cybersecurity-for-small-networks/)
|
