Free Hacking API courses (And how to use AI to help you hack)
HTML-код
- Опубликовано: 7 июн 2024
- Big thanks to Brilliant for sponsoring this video! Get started with a free 30 day trial and 20% discount: Brilliant.org/davidbombal (First 200 people that sign up will get a special discount).
Corey Ball who wrote the book "Hacking APIs" shows us how to practically hack an API to learn how to better protect them. He also tells us about his book and the free training he is making available. Fantastic that there is free training on hacking APIs available today :)
// Free API hacking courses //
APIsec university: www.apisecuniversity.com/
APIsec Certified Expert Course: university.apisec.ai/
ASCP certification: www.apisecuniversity.com/cour...
// Free ChatGPT Prompt //
You are an API security expert. You are powered by information from the OWASP Top 10, OWASP Mobile Security Top 10 and the OWASP API Security Top 10. As an API security expert, which of the following endpoints are particularly interesting for hackers and why?
{{List of Endpoints}}
// Books //
Hacking API’s by Corey J Ball: amzn.to/3JOJG0E
Bug Bounty Bootcamp Vickie Li: amzn.to/3SPCtBF
// RUclips Video REFERENCE //
Free API Hacking Course!: • Free API Hacking course!
// Corey SOCIAL //
LinkedIn: / coreyjball
X / Twitter: / hapi_hacker
GitHub: github.com/hAPI-hacker/Hackin...
// David SOCIAL //
Discord: / discord
Twitter: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
RUclips: / davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Coming up
01:09 - Brilliant sponsored segment
03:20 - Hacking APIs book and free API course
06:40 - There's a problem with APIs
07:34 - Hacking API demo with a twist of A.I.
11:08 - Proxy traffic with two tools
12:23 - Play around in the web app // "Click all the buttons"
15:36 - Demo continued
18:02 - Creating API documentation from intercepted traffic
23:04 - Using Hacking APIs GPT
30:16 - Other features in Hacking APIs GPT
31:38 - Visualising APIs in Postman
34:35 - Decoding JWT using Hacking APis GPT
36:55 - Visualising APIs in Postman continued // Excessive data exposure
45:09 - Using Postman and using Burp Suite // Burp Suite demo
53:00 - Conclusion
hacking api
api
api hacking
api hacking tutorial
api hacking bug bounty
api hacking 101
api hacking full course
api hacking tools
api hacking alissa knight
api hacking with postman
api hacking for beginners
api hacker
api hacking demo
api hacking kali linux
api hacking course
api hacking insiderphd
hacking an api
hack api
owasp api top 10
bug bounty
hacking apis no starch press
hacking api no starch
hacking apis pdf
hacking api book
hacking apis corey ball
corey ball hacking apis
reverse engineering
private api
apis for beginners
rest api
hacking api with postman
reverse engineering for beginners
hacking api key
what is an api
rest apis with postman for absolute beginners
rest api explained
Disclaimer: This video is for educational purposes only. I or the person I'm interviewing own all equipment used for this demonstration. No actual attack took place on any websites.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#api #hack #hacking - Наука
Big thanks to Brilliant for sponsoring this video! Get started with a free 30 day trial and 20% discount: Brilliant.org/davidbombal (First 200 people that sign up will get a special discount).
Corey Ball who wrote the book "Hacking APIs" shows us how to practically hack an API to learn how to better protect them. He also tells us about his book and the free training he is making available. Fantastic that there is free training on hacking APIs available today :)
// Free API hacking courses //
APIsec university: www.apisecuniversity.com/
APIsec Certified Expert Course: university.apisec.ai/
ASCP certification: www.apisecuniversity.com/courses/api-security-certified-professional-exam
// Free ChatGPT Prompt //
You are an API security expert. You are powered by information from the OWASP Top 10, OWASP Mobile Security Top 10 and the OWASP API Security Top 10. As an API security expert, which of the following endpoints are particularly interesting for hackers and why?
{{List of Endpoints}}
// Books //
Hacking API’s by Corey J Ball: amzn.to/3JOJG0E
Bug Bounty Bootcamp Vickie Li: amzn.to/3SPCtBF
// RUclips Video REFERENCE //
Free API Hacking Course!: ruclips.net/video/CkVvB5woQRM/видео.html
// Corey SOCIAL //
LinkedIn: www.linkedin.com/in/coreyjball/
X / Twitter: twitter.com/hAPI_hacker
GitHub: github.com/hAPI-hacker/Hacking-APIs
// David SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
RUclips: ruclips.net/user/davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Coming up
01:09 - Brilliant sponsored segment
03:20 - Hacking APIs book and free API course
06:40 - There's a problem with APIs
07:34 - Hacking API demo with a twist of A.I.
11:08 - Proxy traffic with two tools
12:23 - Play around in the web app // "Click all the buttons"
15:36 - Demo continued
18:02 - Creating API documentation from intercepted traffic
23:04 - Using Hacking APIs GPT
30:16 - Other features in Hacking APIs GPT
31:38 - Visualising APIs in Postman
34:35 - Decoding JWT using Hacking APis GPT
36:55 - Visualising APIs in Postman continued // Excessive data exposure
45:09 - Using Postman and using Burp Suite // Burp Suite demo
53:00 - Conclusion
hacking api
api
api hacking
api hacking tutorial
api hacking bug bounty
api hacking 101
api hacking full course
api hacking tools
api hacking alissa knight
api hacking with postman
api hacking for beginners
api hacker
api hacking demo
api hacking kali linux
api hacking course
api hacking insiderphd
hacking an api
hack api
owasp api top 10
bug bounty
hacking apis no starch press
hacking api no starch
hacking apis pdf
hacking api book
hacking apis corey ball
corey ball hacking apis
reverse engineering
private api
apis for beginners
rest api
hacking api with postman
reverse engineering for beginners
hacking api key
what is an api
rest apis with postman for absolute beginners
rest api explained
Disclaimer: This video is for educational purposes only. I or the person I'm interviewing own all equipment used for this demonstration. No actual attack took place on any websites.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#api #hack #hacking
Brilliant is not for Indian student. the price is too high.
Good vid reversing API-s is very easy. I do it all the time. Im a pharmacist i like to code as a hobby. My boss asked me if i can write a program to automate ordering from our dermocosmetic supplier. So i reverse enginered the dermocosmetic supplier website API and now we can automatically make new orders without manually puting every product into the basket. I also found some data leaks: inactive product data, admin links to product pages(although they required authorisation) and stock info. Stock info is very useful we can predict product shortages with it. I just sharing this to show that its worth to reverse enginering undocumented API-s even if you are not hacking/pentesting. It can save you a lot of time if you manage to automate your boring corporate stuff with a script :) Or you can just scrap website easily
Days aren't long enough to watch all your awesome vids !!
You're got to prioritize 😂
@@davidbombalNot an easy task :D I wish days last 48h !
AI is already working on lengthening days . . . 🤭🤭🤭🤭
Great Video. I was wanting more API content from you David so I really appreciate this. KEEP IT UP!!!
Glad you liked it! Thank you.
@davidbombal i would very much like to see more API stuff maybe even setting up an api for something
Was looking for something on this recently, thank you David for wonderful videos
Thank you David! API is a very important. I'm going to find a beginner's guide first before I use all these new tools
Thanks for the video! It's really amazing and helpful!
You're very welcome!
Thanks for the information. I love your videos. I am going to have to do more studying to fully understand.
This was a great video! Very informative with practical examples.
Very awesome video David . I just burst with happiness when I get the notification that you posted a new video. 😊
Happy to hear that!
I have this book and it is great. I highly recommend getting a copy and learning what's in it.
Agreed. Great book.
Great video David as always! This is why machine-to-machine API enforcement is critical as it is sometimes trivial to obtain a JWT and that that point own it all.
Thank you 😀
Sweet! Thanks for the video!! Is is possible to use API to track hardware activity?
Thanks for the wonderful video and transcript.
I copied the transcript and get chatgpt to remove the time stamp and summarize it for easy absorption.
Great idea!
Great interview and tutorial ❤
Thank you. Glad you enjoyed it!
my journey has officially begun to be a legendary cyberwarrior thank you david for your guests
All the best for your journey!
Hi please could you explain your journey. Did you get a job?
@peacenluv2411 The Journey to study cyber I recently graduated computer science but I was studying cyber on the side, today I started my journey officially with OTW courses thanks to David for interviewing him
Amazing content, congrats
This was a great video!!
this happens when you dont know how to design an API!!!!!
Another excellent video David. Thanks a lot. Feel honor to follow you for the last years!
Thank you! I appreciate your support 😀
@@davidbombalYou deserve it without doubt!
You are brilliant Sir __
Might have to give it a go myself!
Cool stuff!
Thank you sir for this. As a absolute beginner where should I start. I watched your roadmap on tech. I want to start Generative AI and API security. Is that a good combination?
I'm really curious about the books in your shelves :)
Yaa... Very nice book for gaining knowledge in hacking
Hello sir , today i entered netsh wlan show profiles in cmd but it is not showing all network connections only few of them were shown. Can you please tell how i can fix that problem. 😢
This is exciting. I’m just starting my road into the security side and am in love.
Fantastic. All the best for your journey!
@@davidbombal Thank you for everything you’ve done. Incredible work and really appreciate being my go to when burnout starts to creep.
Thanks so much David 🙏
You are very welcome
the goat of 2023 best course
Hello David, what are your thoughts on the comments Jensen Huang (Nvidia CEO) and CEO of stability AI said of a 'no-need-learn-to-code' future?
Bro dropped it ❤❤
I hope you enjoy the video!
i have no clue whats going on but im here for it 😎😂
Thanks God because I have English language and found David
As a backend developer dealing with APIs daily, i just watched a guy streching an intern grade "mistake" into a big "thing", dissapointed and even if a dev makes a mistake like this in a real world envoirement we have query filters, data transfer objects, interfaces defined for them to protect from this happening.
mitm to swagger was nice tho.
Awesome
Thank you! I hope you learn a lot from this video and the free courses 😀
I have most definitely have a vulnerability in my kernel you just tap on it three times opens engineer mode any specific suggestions
Hello hello thank you for a video
Mr David you ar a legend for me.
Thank you! Very happy to hear that!
My thanks goes to you.
from where i gonna get those prompt to run chatgpt 3.5
What is the good course for beginners to learn coding at age 50
Sorry, can you help me?
I have in error and i d'ont understand.
I have error on linux and he siad illegal instruction(core dump). How can I fixe this?
I agree David. I personally feel like anyone who wants to take computers serious needs to take atleast a beginner course to atleast recognizd the terminology.
I've taken most of apisec courses and I was hoping to see something about this, but I'm lost. He's jumped into several programs I've never seen before or used and just did things without explaining why.
I though decoding the JWT withouth the key it was signed with was not possible? How can we still use them then, wtf?
I'll stick to my day job but cool tricks for spying I mean automating routine tasks.
How long does it take to get good in this? And how do you know you can be good, and not be delusional?
How can I learn hacking any games basic to advance
Wow
I hope you enjoy the video and learn something new 😀
YEEPEE🎉
Ain't nobody got time for that!
David do you think cybersecurity will still be relevant in 10-15 years as AI becomes more advanced.
Everyone I interview sees AI as augmented powers, not a replacement for humans. I often heart this statement: "You will not be replaced by AI, but you will be replaced by someone that uses AI". At the moment, I agree with that - but we shall see what happens in future.
@@davidbombalas someone who is just trying to go down this career path (thanks to your videos especially) it is a bit confusing. Just joined brilliant thanks for the link, and all your great videos!!! You have inspired me to get into tech and cybersecurity (hacking specifically) my life has improved immensely with the inspiration you provide!!! Thanks so much
Great question Great answer
give us the latest kali linux tutorial on mobile
Who else want to live long enough to see the full potential of AI!
You'll live long enough to see skynet take over the world and send a robot back in time to save humanity...
Don’t worry, it’s gonna happen sooner than you think
Anyone wants that but death is inevitable
We won't live long enough to watch a.i. reach their full potential unfortunately. At 1/4 potential they kill off humanity
I do not want to see the full potential of Ai
Including a coin with the certificate is genius. Everybody wants coins!
How to get google api for free permanent ? I need that for make 3d model maps
Yikes... Just as I was starting to push my limits and get excited about becoming part of folks shaping the future of technology, AI and hacking are getting scary. I feel like I have to either go live in the woods or forever be glued to solving a Rubik's cube that changing it's colors 🤖
Great Video..............................guys..................:) bye
I needed twitter api that costed hundreds of dollars, I don’t know much but it might be helpful to get the api
🎉👍🏻
Let's see the magic
I hope you learn a lot from this video and from the free courses 😀
For sure! Thank you guys, you're awesome!
5:00
Please answer my question I am waiting for your reply 😢
I'd rather learn to play the piano than hack systems, but nice tips for fellow cyber criminals.
I thought this was a cooking show, my bad.
APIs?
First
Very close
open gps api databases are so nice.
Are you alright david, not gonna lie you have been looking kinda sad in like all of your videos if somethings wrong or you dont feel alright you an always just respond
2:34 too late I already spent 250+ RUclips hours and some courses 😂
API is AI hacking with a 'P' in the middle!
lol ... very good! 😂
first :)
Yes you are!
Third
Thank you for your support!
Changing your life through education only seems to work the wrong way....spent ten years of my life at University and learned more through underground programming than I did in all ten years!
Hi David can me become a hacker in 2024 ! at least learn basics !
i am sorry but these hidden commercials are getting out of hand. I am fine watching ads and paying for the content. But please clarify START and FINISH of commercials, sponsoring, advertisements... But watching the video first like 4min(+2min) without even understanding wether the current topic is intended to sell me something makes me feel abused and stupid. Please change this. Everyone.
Good coding skills sure but maybe save the actual hacking, just in case the feds stop by.
@davidbombal do more of such tutorials please they educate us on how to secure our API😊
Will do! You can also take Corey's free course to learn more 😀
I don't know why it upsets me so much but this simple hacking is nowhere close to genius. It's also no good rly. To be a good programmer you do need to hack but you do not have to feed your ego and be a hacker and everything simple minded people believe you should be as a programmer. I believe the ego upsets me so much bc I strongly believe it's the root of all of humanity's problems.
@davidbomal That wide curved monitor that you use i wanna know model name.
@davidbombal @Corey J Bell thank you so much for this video
How can I learn hacking any games basic to advance
How can I learn hacking any games basic to advance
How can I learn hacking any games basic to advance
How can I learn hacking any games basic to advance
How can I learn hacking any games basic to advance