Dyan Galih Nugroho Wicaksi
Finding Insecure API Endpoints Using Android Reverse Engineering Techniques
Who am I?
IT Enthusiast, Security Enthusiast, Public speaker
YAC - Yogyakarta Android Club
NgeSec - Ngelab Security
There is nothing secure in cyberworld
What is OWASP?
OWASP (Open Web Application Security Project) is an organization that provides unbiased and practical, cost-effective information about computer and Internet applications.
OWASP Top 10 2017
- Broken Authentication and Session Management
- Cross-Site Scripting (XSS)
- Broken Access Control
- Security Misconfiguration
- Sensitive Data Exposure
- Insufficient Attack Protection
- Cross-Site Request Forgery (CSRF)
- Using Components with Known Vulnerabilities
- Underprotected APIs
What Is The Target?
What is an API?
Application program interface (API) is a set of routines, protocols, and tools for building software applications. An API specifies how software components should interact. Additionally, APIs are used when programming graphical user interface (GUI) components.
Reverse engineering, also called back engineering, is the process of extracting knowledge or design information from anything man-made and reproducing it, or reproducing anything based on the extracted information.
- Show Java
- Apk Tools
- Apk Editor
Finding an Insecure API
Finding an insecure API and how to test it. Just say the word.
Use Find in Files to search the decompiled sources for http or https.
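The Find in Files step, as an added example that is not from the original slides: a Python script that walks the decompiled tree of your own app, collects every hard-coded http/https URL, and flags the ones that use cleartext http. The file extensions, the namespace-host skip list, and the sample tree with its `api.example.test` host are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path
from urllib.parse import urlsplit

URL_RE = re.compile(r"""https?://[^\s"'<>\\)]+""", re.IGNORECASE)
# XML namespace hosts that show up in almost every decompiled app; not API endpoints.
NAMESPACE_HOSTS = {"schemas.android.com", "www.w3.org"}
TEXT_SUFFIXES = {".java", ".kt", ".smali", ".xml", ".json", ".properties"}

def find_endpoints(root):
    """Return sorted (url, relative_path, line_no, is_cleartext) tuples under root."""
    root = Path(root)
    hits = set()
    for path in root.rglob("*"):
        if not path.is_file() or path.suffix.lower() not in TEXT_SUFFIXES:
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        for line_no, line in enumerate(text.splitlines(), 1):
            for match in URL_RE.finditer(line):
                url = match.group(0).rstrip(".,;")
                try:
                    parts = urlsplit(url)
                    host = parts.hostname
                except ValueError:  # malformed authority, e.g. a broken IPv6 literal
                    continue
                if not host or host in NAMESPACE_HOSTS:
                    continue
                rel = path.relative_to(root).as_posix()
                hits.add((url, rel, line_no, parts.scheme.lower() == "http"))
    return sorted(hits)

def scan_sample():
    """Scan a constructed tree standing in for decompiler output (placeholder hosts)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "res/values").mkdir(parents=True)
        (root / "com/example/app").mkdir(parents=True)
        (root / "res/values/strings.xml").write_text(
            '<resources xmlns:android="http://schemas.android.com/apk/res/android">\n'
            '  <string name="base_url">http://api.example.test/v1/</string>\n'
            '</resources>\n', encoding="utf-8")
        (root / "com/example/app/ApiClient.java").write_text(
            'class ApiClient {\n'
            '  static final String LOGIN = "https://api.example.test/v1/login";\n'
            '}\n', encoding="utf-8")
        return find_endpoints(root)

if __name__ == "__main__":
    for url, rel, line_no, cleartext in scan_sample():
        print(f"{'CLEARTEXT' if cleartext else 'tls':9} {url}  ({rel}:{line_no})")
```

Each cleartext hit is an endpoint to move to HTTPS or to block with the app's network security configuration; the remaining hits form the inventory of endpoints to review for authentication and access control.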