Hacking OAuth2.0

The intent of this blog is to help penetration testers and security researchers get a deeper understanding of the OAuth protocol. We are going to learn how to bypass authentication using OAuth’s implicit flow. Before we attack OAuth we need to have an...

SiegeCast : Web Api Weaknesses

SIEGECAST: WEB API WEAKNESSES Penetration testing Web API’s can be difficult without an effective approach, so Charles Shirer is here to provide you with a few tips and tricks! Charles breaks down the fundamentals of hacking Web API’s and the methodology...