Skip to content

shelltrail/tricky-apis

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
node-api-csrf
node-api-csrf
 
 
node-api-pdf
node-api-pdf
 
 
node-api-sign
node-api-sign
 
 
node-api-sqli
node-api-sqli
 
 
node-api-version
node-api-version
 
 
README.md
README.md
 
 

Repository files navigation

tricky-apis

This repository contains tricky APIs and in some instances vulnerable APIs that is difficult to assess with vanilla a Burp suite setup.

The code in this repository should under no circumstances be used in production systems.

For detailed information regarding all APIs and how to attack them check out https://www.shelltrail.com/research/reshaper-the-guide-to-ultimate-burp-plugin-for-advanced-shenanigans/.

node-api-csrf

An API that requires an unique CSRF token for each request.

node-api-version

An API that requires an incrementing version number for each update.

node-api-sqli

A trivial SQL injection which requires input in base64 format.

node-api-sign

An API that requires a generated signature of the input for each input.

node-api-pdf

A PDF generator which requires multiple endpoints in order to generate a PDF.

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages