Cyber Work

How to hack an API: A walkthrough | Guest Katie Paxton-Fear

Jan 6, 2025

Katie Paxton-Fear, a bug bounty hunter and cybersecurity expert known for her YouTube channel, InsiderPhD, dives into the world of API hacking. She offers a live demonstration showcasing common vulnerabilities in shopping apps, emphasizing creativity in problem-solving. Listeners learn how to use tools like Burp Suite to exploit weaknesses, access personal data, and initiate unauthorized transactions. Katie shares practical tips for beginners, making API hacking an inviting entry into cybersecurity and the bug bounty hunting realm.

23:46

Episode guests

Katie Paxton-Fear

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Katie Paxton-Fear highlights the significance of creativity and problem-solving in API hacking, making it accessible to those lacking advanced technical skills.

The podcast emphasizes practical experience and engagement with real applications and tools like Burp Suite for aspiring API hackers to enhance their capabilities.

Deep dives

Understanding API Security Challenges

APIs, which enable communication between different software systems, pose unique security challenges due to their design and functions. They are built primarily for computer-to-computer interaction but often include human-readable components, making them susceptible to vulnerabilities. For instance, an API may have numerous endpoints, and a single mistake in code can be exploited by hackers, especially if they lack advanced technical skills. Consequently, these flaws present an opportunity for penetration testing and learning about security from the perspective of a hacker.

Intro

3min

Understanding API Security Challenges and Vulnerabilities

2min

API Hacking Essentials with Burp Suite

11min

Accessibility and Tools for Amateur Hacking

3min

Mastering API Hacking Through Practical Experience

5min

Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=audio&utm_medium=podcast&utm_campaign=podcast

Watch the walkthrough here: https://www.youtube.com/watch?v=-CvvtwKXYjE

Join us on Cyber Work Hacks as Katie Paxton-Fear, known as InsiderPhD, demonstrates how to hack APIs and uncover vulnerabilities in shopping apps. Paxton-Fear provides a visual walkthrough of common mistakes in API security, emphasizing problem-solving and creativity over technical skills. You'll learn how to use tools like Burp Suite and Repeater to exploit vulnerabilities, access personal information and make unauthorized transactions. Paxton-Fears' insights make API hacking an accessible entry point into cybersecurity, highlighting the path to becoming a bug bounty hunter. Plus, discover tips on starting your API hacking journey and utilizing Infosec resources to build a successful career in cybersecurity. Don't miss this comprehensive guide to API hacking!

00:00 - Introduction to API security
03:16 - Understanding APIs and their vulnerabilities
05:26 - Live API hacking demonstration
05:43 - Exploring Burp Suite and Repeater
08:28 - Identifying and exploiting API vulnerabilities
09:50 - Real-world API hacking examples
17:21 - Tools and tips for aspiring hackers
19:31 - Steps to start bug bounty hunting
22:23 - Conclusion

– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=audio&utm_medium=podcast&utm_campaign=podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Cyber Work

How to hack an API: A walkthrough | Guest Katie Paxton-Fear

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Understanding API Security Challenges

Hands-On API Hacking Techniques

Getting Started with API Hacking and Bug Bounties

Remember Everything You Learn from Podcasts