Syntax - Tasty Web Development Treats Hacking the Tonal - Proxying, Intercepting + Debugging Traffic?
8 snips
Sep 18, 2023 Discover how to intercept and debug network traffic from your devices with insights on proxying techniques. The hosts share their experiences with the Tonal workout device and its API, discussing features and API security. They highlight essential tools like ProxyMan and MITM Proxy for effective traffic management. Explore the evolution of web security from HTTP to HTTPS and the importance of SSL certificates. With practical tips on reverse engineering, you’ll gain valuable knowledge for navigating the world of web communications.
AI Snips
Chapters
Transcript
Episode notes
Tonal API Reverse-Engineering
- Scott Talinsky wanted to build a custom workout UI for Tonal.
- By proxying requests, he reverse-engineered the Tonal API to access workout data.
Investment Tracking
- Wes Boss used request interception to track investment allocations over time.
- He downloaded historical data via API by mimicking the website's requests.
Understanding HTTP Traffic
- Understand HTTP/HTTPS traffic and how data is sent and received via headers and request bodies.
- Look for session IDs or bearer tokens to mimic API requests programmatically.