WHOIS vs RDAP

WHOIS vs RDAP

WHOIS vs RDAP What is WHOIS? Most website owners include a means to contact them on their website. It could be an email, an address, or a phone number. However, many don’t. Moreover, not all internet resources are websites. One would usually need to do extra work using tools like myip.ms or who.is to find […]

API Load Testing With Locust

API Load Testing With Locust

API Load Testing With Locust API Load Testing With Locust: Intro You’ve probably been in this situation before: you write code that does something, an endpoint for example. You test your endpoint using Postman or Insomnia, and everything works fine. You pass on the endpoint to the client-side developer, who then consumes the API and […]

Top OATH API Vulnerabilities

Top OATH API Vulnerabilites

Top OATH API Vulnerabilities Top OATH API Vulnerabilities: Intro When it comes to exploits, APIs are the greatest place to start. API access usually consists of three parts. Clients are issued tokens by an Authorization Server, which runs alongside APIs. The API receives access tokens from the client and applies domain-specific authorization rules based on […]

Guide To JSON Schema

JSON Schema

Guide to JSON Schema Before we go into JSON Schema, it’s important to know the difference between JSON and JSON Schema. JSON JSON is short for JavaScript Object Notation, and it’s a language-independent data format that APIs use to send requests and answers. JSON is simple to read and write for people and machines alike. […]

What is Fuzzing?

What is fuzzing

What is Fuzzing? Intro: What is Fuzzing? In 2014, Chinese hackers hacked into Community Health Systems, a for-profit US hospital chain, and stole 4.5 million patients’ data. The hackers exploited a bug called Heartbleed that was discovered in the OpenSSL cryptography library some months before the hack. Heartbleed is an example of a class of […]

11 OSINT Tools to Test in 2022

11 osint tools to test in 2022

11 OSINT Tools to Test in 2022 11 OSINT Tools to Test in 2022: Intro Hackers attack systems using open source intelligence. Before a hacker can get to your data, you can use OSINT tools to see whether any of your data has been compromised on the web. Open-source intelligence technologies scour the web for […]