Dana Epp's Blog

follow: @[email protected]

Posts

Why you should stay “professionally detached” from the vulns you find

Why Shadow APIs provide a defenseless path for threat actors

Is the latest book on “Pentesting APIs” any good?

Evade IP blocking by using residential proxies

KEV + CWE = Attack Vector ❤️‍🔥

From Exploit to Extraction: Data Exfil in Blind RCE Attacks

Attacking APIs using JSON Injection

5 tips to improve your API exploits

Hacking API discovery with a custom Burp extension

Level Up Your Vulnerability Reports With CWEs