8 Data Exposure and Sensitive Information Leakage

This chapter starts the fourth part of our book, which is about advanced API techniques. We will better understand the inherent problems of data exposure and sensitive information leakage that unpatched or badly configured API endpoints can suffer. We will tackle the nuances of how this can happen and ways of taking this in our favor as API pentesters.

Either by digesting some data masses or by taking a ride on previous pentesting findings, we will learn how data or sensitive information can be detected among other garbage or less valuable assets. This can save you time not only when conducting a pentest but also when planning to hit the final target of a coordinated attack. Some testers establish ...

Get Pentesting APIs now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Pentesting APIs by Maurício Harley

8

Data Exposure and Sensitive Information Leakage

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly