Free Hacking API courses (And how to use AI to help you hack)

11 May 2024
90,616 views

Big thanks to Brilliant for sponsoring this video! Get started with a free 30 day trial and 20% discount: Brilliant.org/davidbombal (First 200 people that sign up will get a special discount).
Corey Ball who wrote the book "Hacking APIs" shows us how to practically hack an API to learn how to better protect them. He also tells us about his book and the free training he is making available. Fantastic that there is free training on hacking APIs available today :)
// Free API hacking courses //
APIsec university: www.apisecuniversity.com/
APIsec Certified Expert Course: university.apisec.ai/
ASCP certification: www.apisecuniversity.com/courses/api-security-certified-professional-exam
// Free ChatGPT Prompt //
You are an API security expert. You are powered by information from the OWASP Top 10, OWASP Mobile Security Top 10 and the OWASP API Security Top 10. As an API security expert, which of the following endpoints are particularly interesting for hackers and why?
{{List of Endpoints}}
// Books //
Hacking APIs by Corey J Ball: amzn.to/3JOJG0E
Bug Bounty Bootcamp by Vickie Li: amzn.to/3SPCtBF
// KZhead Video REFERENCE //
Free API Hacking Course!: kzhead.info/sun/ds-PpqZtrqGHhYU/bejne.html
// Corey SOCIAL //
LinkedIn: www.linkedin.com/in/coreyjball/
X / Twitter: twitter.com/hAPI_hacker
GitHub: github.com/hAPI-hacker/Hacking-APIs
// David SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
KZhead: kzhead.info
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Coming up
01:09 - Brilliant sponsored segment
03:20 - Hacking APIs book and free API course
06:40 - There's a problem with APIs
07:34 - Hacking API demo with a twist of A.I.
11:08 - Proxy traffic with two tools
12:23 - Play around in the web app // "Click all the buttons"
15:36 - Demo continued
18:02 - Creating API documentation from intercepted traffic
23:04 - Using Hacking APIs GPT
30:16 - Other features in Hacking APIs GPT
31:38 - Visualising APIs in Postman
34:35 - Decoding JWT using Hacking APIs GPT
36:55 - Visualising APIs in Postman continued // Excessive data exposure
45:09 - Using Postman and using Burp Suite // Burp Suite demo
53:00 - Conclusion
Disclaimer: This video is for educational purposes only. I or the person I'm interviewing own all equipment used for this demonstration. No actual attack took place on any websites.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#api #hack #hacking

Comments
    • Brilliant is not for Indian students. The price is too high.

      @ashifshekh6952, 2 months ago
  • Good vid. Reversing APIs is very easy. I do it all the time. I'm a pharmacist; I like to code as a hobby. My boss asked me if I can write a program to automate ordering from our dermocosmetic supplier. So I reverse engineered the dermocosmetic supplier website API and now we can automatically make new orders without manually putting every product into the basket. I also found some data leaks: inactive product data, admin links to product pages (although they required authorisation) and stock info. Stock info is very useful; we can predict product shortages with it. I'm just sharing this to show that it's worth reverse engineering undocumented APIs even if you are not hacking/pentesting. It can save you a lot of time if you manage to automate your boring corporate stuff with a script :) Or you can just scrape a website easily

    @shipspace2469, 2 months ago
  • Days aren't long enough to watch all your awesome vids !!

    @apocatas4990, 2 months ago
    • You've got to prioritize 😂

      @davidbombal, 2 months ago
    • @davidbombal Not an easy task :D I wish days lasted 48h!

      @apocatas4990, 2 months ago
    • AI is already working on lengthening days . . . 🤭🤭🤭🤭

      @savagepro9060, 2 months ago
  • Great Video. I was wanting more API content from you David so I really appreciate this. KEEP IT UP!!!

    @socalk1d262, 2 months ago
    • Glad you liked it! Thank you.

      @davidbombal, 2 months ago
    • @davidbombal I would very much like to see more API stuff, maybe even setting up an API for something

      @eyezikandexploits, 2 months ago
  • Thank you David! API is very important. I'm going to find a beginner's guide first before I use all these new tools

    @alsadekalkhayer7007, 2 months ago
  • Was looking for something on this recently, thank you David for wonderful videos

    @tippumastan, 2 months ago
  • Thanks for the information. I love your videos. I am going to have to do more studying to fully understand.

    @kenmorris4369, 2 months ago
  • Great video David as always! This is why machine-to-machine API enforcement is critical, as it is sometimes trivial to obtain a JWT and at that point own it all.

    @mytechnotalent, 2 months ago
    • Thank you 😀

      @davidbombal, 2 months ago
  • Sweet! Thanks for the video!! Is it possible to use an API to track hardware activity?

    @gamereditor59ner22, 2 months ago
  • Very awesome video David . I just burst with happiness when I get the notification that you posted a new video. 😊

    @_Silicon, 2 months ago
    • Happy to hear that!

      @davidbombal, 2 months ago
  • This was a great video! Very informative with practical examples.

    @NickyDekker89, a month ago
  • My journey has officially begun to be a legendary cyberwarrior. Thank you David for your guests

    @highlights973, 2 months ago
    • All the best for your journey!

      @davidbombal, 2 months ago
    • Hi please could you explain your journey. Did you get a job?

      @peacenluv2411, 2 months ago
    • @peacenluv2411 The journey to study cyber. I recently graduated in computer science but I was studying cyber on the side. Today I started my journey officially with OTW courses, thanks to David for interviewing him

      @highlights973, 2 months ago
  • Thanks for the video! It's really amazing and helpful!

    @mrgujju1913, 2 months ago
    • You're very welcome!

      @davidbombal, 2 months ago
  • This happens when you don't know how to design an API!!!!! Another excellent video David. Thanks a lot. Feel honored to follow you for the last years!

    @pmanolak, 2 months ago
    • Thank you! I appreciate your support 😀

      @davidbombal, 2 months ago
    • @davidbombal You deserve it without doubt!

      @pmanolak, 2 months ago
  • I have this book and it is great. I highly recommend getting a copy and learning what's in it.

    @eggimal, 2 months ago
    • Agreed. Great book.

      @davidbombal, 2 months ago
  • Thanks for the wonderful video and transcript. I copied the transcript and got ChatGPT to remove the time stamps and summarize it for easy absorption.

    @tanteckleng3665, 2 months ago
    • Great idea!

      @apophisi, 2 months ago
  • Amazing content, congrats

    @AndreyGoliveira, 2 months ago
  • Great interview and tutorial ❤

    @MyDancingirl, 2 months ago
    • Thank you. Glad you enjoyed it!

      @davidbombal, 2 months ago
  • This was a great video!!

    @askholia, 2 months ago
  • Thank you sir for this. As an absolute beginner, where should I start? I watched your roadmap on tech. I want to start Generative AI and API security. Is that a good combination?

    @KeneDigital, 2 months ago
  • You are brilliant Sir __

    @ikdark512, 2 months ago
  • This is exciting. I’m just starting my road into the security side and am in love.

    @TheChad17, 2 months ago
    • Fantastic. All the best for your journey!

      @davidbombal, 2 months ago
    • @davidbombal Thank you for everything you’ve done. Incredible work and really appreciate being my go-to when burnout starts to creep.

      @TheChad17, 2 months ago
  • Might have to give it a go myself!

    @LeobadoAlexisAguilar, 2 months ago
  • I'm really curious about the books in your shelves :)

    @prodge64, 2 months ago
  • Cool stuff!

    @DavidTecpa, 2 months ago
  • the goat of 2023 best course

    @nikhilsoren3107, 2 months ago
  • Yaa... Very nice book for gaining knowledge in hacking

    @CyberWorlds, 2 months ago
  • I have no clue what's going on but I'm here for it 😎😂

    @Bot65689, 2 months ago
  • As a backend developer dealing with APIs daily, I just watched a guy stretching an intern grade "mistake" into a big "thing". Disappointed, and even if a dev makes a mistake like this in a real world environment we have query filters, data transfer objects, interfaces defined for them to protect from this happening. MITM to Swagger was nice tho.

    @nurettinselcuk5149, 2 months ago
  • Hello David, what are your thoughts on the comments Jensen Huang (Nvidia CEO) and CEO of stability AI said of a 'no-need-learn-to-code' future?

    @N30Dallyr, 2 months ago
  • Thanks so much David 🙏

    @Abduselam.m, 2 months ago
    • You are very welcome

      @davidbombal, 2 months ago
  • Thanks God because I have English language and found David

    @momogerz589, 2 months ago
  • Bro dropped it ❤❤

    @Gamer-zo2dm, 2 months ago
    • I hope you enjoy the video!

      @davidbombal, 2 months ago
  • Hello sir, today I entered netsh wlan show profiles in cmd but it is not showing all network connections; only a few of them were shown. Can you please tell me how I can fix that problem? 😢

    @UnmeshKakade, 2 months ago
  • I agree David. I personally feel like anyone who wants to take computers seriously needs to take at least a beginner course to at least recognize the terminology.

    @BoostedFA, 2 months ago
  • I've taken most of apisec courses and I was hoping to see something about this, but I'm lost. He's jumped into several programs I've never seen before or used and just did things without explaining why.

    @bret354, 2 months ago
  • Who else wants to live long enough to see the full potential of AI!

    @savagepro9060, 2 months ago
    • You'll live long enough to see skynet take over the world and send a robot back in time to save humanity...

      @robotron1236, 2 months ago
    • Don’t worry, it’s gonna happen sooner than you think

      @soundwave3353, 2 months ago
    • Anyone wants that but death is inevitable

      @chandamark7301, 2 months ago
    • We won't live long enough to watch a.i. reach their full potential unfortunately. At 1/4 potential they kill off humanity

      @breakthecycle480, 2 months ago
    • I do not want to see the full potential of Ai

      @HeavnlyD3mon, 2 months ago
  • I most definitely have a vulnerability in my kernel: you just tap on it three times and it opens engineer mode. Any specific suggestions?

    @C.O.D.MOBILE1, 25 days ago
  • Mr David, you are a legend for me.

    @abduzahirsultan, 2 months ago
    • Thank you! Very happy to hear that!

      @davidbombal, 2 months ago
    • My thanks goes to you.

      @abduzahirsultan, 2 months ago
  • What is a good course for beginners to learn coding at age 50?

    @redwings1974, a month ago
  • I'll stick to my day job but cool tricks for spying I mean automating routine tasks.

    @aronrevuelto9694, 2 months ago
  • How long does it take to get good in this? And how do you know you can be good, and not be delusional?

    @taiquangong9912, 2 months ago
  • Awesome

    @bahran5638, 2 months ago
    • Thank you! I hope you learn a lot from this video and the free courses 😀

      @davidbombal, 2 months ago
  • Hello hello thank you for a video

    @user-eh7fw9er1o, 2 months ago
  • David, do you think cybersecurity will still be relevant in 10-15 years as AI becomes more advanced?

    @Ynerson9003, 2 months ago
    • Everyone I interview sees AI as augmented powers, not a replacement for humans. I often hear this statement: "You will not be replaced by AI, but you will be replaced by someone that uses AI". At the moment, I agree with that - but we shall see what happens in future.

      @davidbombal, 2 months ago
    • @davidbombal As someone who is just trying to go down this career path (thanks to your videos especially) it is a bit confusing. Just joined Brilliant, thanks for the link, and all your great videos!!! You have inspired me to get into tech and cybersecurity (hacking specifically). My life has improved immensely with the inspiration you provide!!! Thanks so much

      @Ynerson9003, 2 months ago
    • Great question Great answer

      @mariovaldez8477, 2 months ago
  • From where am I gonna get those prompts to run ChatGPT 3.5?

    @abhaygupta3230, 2 months ago
  • I thought decoding the JWT without the key it was signed with was not possible? How can we still use them then, wtf?

    @morososaas3397, 2 months ago
  • give us the latest kali linux tutorial on mobile

    @Hassle-jo5bo, 2 months ago
  • Sorry, can you help me? I have an error and I don't understand. I have an error on Linux and it said illegal instruction (core dump). How can I fix this?

    @jeovanipaxe8900, 2 months ago
  • YEEPEE🎉

    @carsonjamesiv2512, 2 months ago
  • Yikes... Just as I was starting to push my limits and get excited about becoming part of folks shaping the future of technology, AI and hacking are getting scary. I feel like I have to either go live in the woods or forever be glued to solving a Rubik's cube that's changing its colors 🤖

    @kfluhx, 2 months ago
  • How can I learn hacking any games basic to advance

    @naught4817, 2 months ago
  • Including a coin with the certificate is genius. Everybody wants coins!

    @BergenVestHK, 2 months ago
  • I needed the Twitter API that cost hundreds of dollars. I don’t know much but it might be helpful to get the API

    @erenkamisama, 2 months ago
  • Ain't nobody got time for that!

    @dylanalexisalfaromonroy9468, 2 months ago
  • Wow

    @user-qk2wo3if2z, 2 months ago
    • I hope you enjoy the video and learn something new 😀

      @davidbombal, 2 months ago
  • How to get the Google API for free permanently? I need that to make 3D model maps

    @RizkyAshary, 2 months ago
  • I thought this was a cooking show, my bad.

    @luisemmanuelignacio6294, 2 months ago
  • I'd rather learn to play the piano than hack systems, but nice tips for fellow cyber criminals.

    @ianlucamoreno5057, 2 months ago
  • Great Video..............................guys..................:) bye

    @thunde7226, 2 months ago
  • Are you alright David? Not gonna lie, you have been looking kinda sad in like all of your videos. If something's wrong or you don't feel alright you can always just respond

    @user-wc5qr5lw3u, 2 months ago
  • Let's see the magic

    @Zer0nuke, 2 months ago
    • I hope you learn a lot from this video and from the free courses 😀

      @davidbombal, 2 months ago
    • For sure! Thank you guys, you're awesome!

      @Zer0nuke, 2 months ago
  • Please answer my question I am waiting for your reply 😢

    @UnmeshKakade, 2 months ago
  • 🎉👍🏻

    @user-ld9rr1zl3b, 2 months ago
  • Changing your life through education only seems to work the wrong way....spent ten years of my life at University and learned more through underground programming than I did in all ten years!

    @lucylle3132, 2 months ago
  • 2:34 too late I already spent 250+ KZhead hours and some courses 😂

    @0xBerto, 2 months ago
  • APIs?

    @SergioSantos-gk2ql, 2 months ago
  • 5:00

    @forheuristiclifeksh7836, a month ago
  • open gps api databases are so nice.

    @SgtStarSlayer, 2 months ago
  • API is AI hacking with a 'P' in the middle!

    @savagepro9060, 2 months ago
    • lol ... very good! 😂

      @davidbombal, 2 months ago
  • First

    @techtrends6900, 2 months ago
    • Very close

      @davidbombal, 2 months ago
  • first :)

    @madatch9947, 2 months ago
    • Yes you are!

      @davidbombal, 2 months ago
  • Hi David, can I become a hacker in 2024! At least learn the basics!

    @salemsalemX15, 2 months ago
  • Third

    @Medummdumm, 2 months ago
    • Thank you for your support!

      @davidbombal, 2 months ago
  • @davidbombal do more of such tutorials please they educate us on how to secure our API😊

    @katendemusa5747, 2 months ago
    • Will do! You can also take Corey's free course to learn more 😀

      @davidbombal, 2 months ago
  • I am sorry but these hidden commercials are getting out of hand. I am fine watching ads and paying for the content. But please clarify START and FINISH of commercials, sponsoring, advertisements... But watching the video first like 4min(+2min) without even understanding whether the current topic is intended to sell me something makes me feel abused and stupid. Please change this. Everyone.

    @gymlin123, 2 months ago
  • I don't know why it upsets me so much but this simple hacking is nowhere close to genius. It's also no good rly. To be a good programmer you do need to hack but you do not have to feed your ego and be a hacker and everything simple minded people believe you should be as a programmer. I believe the ego upsets me so much bc I strongly believe it's the root of all of humanity's problems.

    @JacobKerrUT, 2 months ago
  • Good coding skills sure but maybe save the actual hacking, just in case the feds stop by.

    @aronrevuelto9694, 2 months ago
  • @davidbomal That wide curved monitor that you use i wanna know model name.

    @MrSchlobo, 2 months ago
  • @davidbombal @Corey J Bell thank you so much for this video

    @kajackpi_8, 2 months ago