I’m excited that the list includes my session on Testing & Hacking APIs which you can see here:
While I was pulling together the slides for my session I came to realize that while there are a ton of resources for application security testing the same can’t be said about API penetration testing. This gave me the idea to put together an API Penetration Testing Tips & Tricks sheet that people can use as a reference as they pull together their own methodology and strategy for API security testing. We handed this out at the event but if you didn’t get one or weren’t there you can get a copy of the sheet here. I’ll be continuously updating and making improvements to this sheet so let me know if you have ideas of things to add or just general feedback to make it better.