API Exposure
- Internal APIs exposed to the internet
Misconfigured Caching
- Custom headers (no Authorization header) and no Cache-Control or Pragma
- Can lead to cached results and unauthorized access to data
Exposed tokens
JWT Weaknesses
- First part
  - "none" algorithm
  - "kid" parameter
  - change key
- Second part
  - Change the data, hope no signature validation takes place
- Third part
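
Added example (not part of the original notes): a verifier that closes the three weaknesses listed above, so a service owner can check what correct handling of each token part looks like. It assumes HS256 with shared secrets; KEYS, ALLOWED_ALG and the function names are hypothetical, and the key values are constructed for the demo.

```python
import base64, hashlib, hmac, json

# Constructed demo keys, indexed by "kid"; a real service loads these from its secret store.
KEYS = {"k1": b"constructed-demo-secret-1", "k2": b"constructed-demo-secret-2"}
ALLOWED_ALG = "HS256"  # pinned server-side, never taken from the token


def b64d(seg: str) -> bytes:
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))


def b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def sign(claims: dict, kid: str) -> str:
    """Issue an HS256 token (helper so the example is self-contained)."""
    header = {"alg": ALLOWED_ALG, "typ": "JWT", "kid": kid}
    signing_input = b64e(json.dumps(header).encode()) + "." + b64e(json.dumps(claims).encode())
    sig = hmac.new(KEYS[kid], signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64e(sig)


def verify(token: str) -> dict:
    """Return the claims only if all three parts pass; raise ValueError otherwise."""
    parts = token.split(".")
    if len(parts) != 3 or not parts[2]:
        raise ValueError("token must have three non-empty parts")
    # Decoding errors (bad base64, bad JSON) are ValueError subclasses.
    header = json.loads(b64d(parts[0]))
    # First part: reject "none" and anything else that is not the pinned algorithm.
    if not isinstance(header, dict) or header.get("alg") != ALLOWED_ALG:
        raise ValueError("unexpected alg")
    # First part: "kid" is only a dictionary lookup, never a path, URL or query input.
    kid = header.get("kid")
    if not isinstance(kid, str) or kid not in KEYS:
        raise ValueError("unknown kid")
    # Third part: recompute the signature and compare in constant time.
    expected = hmac.new(KEYS[kid], f"{parts[0]}.{parts[1]}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64d(parts[2])):
        raise ValueError("bad signature")
    # Second part: claims are parsed only after the signature has been verified.
    return json.loads(b64d(parts[1]))
```
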
Authorization Issues / IDOR
Undocumented Endpoints
- Fuzzing for new endpoints
Different Versions
Conventional:
/api/v1/
/api/v2/
/api/beta/
Non-conventional (/api/):
qa
devenv
devenv1
devenv2
preprod
pre-prod
test
testing
staging
stage
dev
development
deploy
slave
master
review
prod
uat
prep
Version2