HakByte: How to use Postman to Reverse Engineer Private APIs 

Amazing, reverse engineered a wireless controller the same way. It was a great way to start network automation.

Good timing. I need a simple integration to a device with an api without documentation, and this will definitely help!

Postman is awesome, been using it for a long time. It is extremely helpful writting code to interface APIs.. even if they are undocumented.

Thanks!!!! Amazing! Well worth spent 10 minutes to give me a MUCH better understanding. No fuzz, straight on with good examples and a working result.

Really enjoyed this, eyes are wide open for possibilities

This was so understandable I think that’s what I was waiting for I feel much more confident on the vectors now or what to ask Bless you!

I am trying to learn this stuff so I can archive Netflix original series as local video files! I hate the fact that if Netflix decides to remove these series, they will no longer exist.

Why not just filter by XHR requests?

Using Runescape as the ideal case example, I see you

The entire header section is going to be used by ebay in this case to fingerprint the browsers. Should be anonymized. But I've noticed servers on ebay sometimes do not have all the required fields populated, that is a search like that will miss a Lot of servers simply because the seller does not fill in all data on the required description of the item.

Really nice vid. Thumbs-up of course. Just a quick suggestion - bump up your font size a bit (on some screens it is hard to see) and use some sort of pointer tracking tool, so that people can see where you click. I had to go back a couple of times in several sections of the video to see where you were clicking.

Oh yeah wait a minute Mr.postman hey ey ey ye Mr.postman

what to do about cors error? i tried this multiple times, checked all headers but still giving me cors error

Nice video- any resources on reversing a mobil app API?

Exactly like when a ho up in this house is taking too much of the pie and you need to take more from their available code so you can reverse engineer to thief back and take a higher position and more of your commission back- gig workers- get on that. They love to give opaque information but no helpful data. - Thanks for this-

I would like to use your method but I get error 401 meassage "Access denied due to missing subscription key. Make sure to include subscription key when making requests to an API." Is there some method to find it or use other way?

Can you decompile an app and search api and can you use in postman? If yes then I'll send apk

to be frank the website you want most likely have cookies which changes in 12_24 hr , hence they will send 404

What is he wearing? Is that a mic?

Good info. Can I do that with C#?

What if there's a really shitty website and I want to make another one on top of it, just to use it as a database basically?

Brah, you need to hit up a boot camp.

Hey Micheal from the Security FWD

Enjoyed this, does Michael Raymond have any courses on api Hacking?

want to create a zalando invoive scraper but I am completely new in that theme. Already checked that there is a specific link which triggers the download of the invoive. But I need an efficient way to scrape the ordernumbers and orderdates. Can I use the technique shown in the video to scrape those informations?

Great video. Liked and subscribed. Thanks.

does this work on websites that requires user log ins

can i do this with safari and brave

Can we do the same thing for air tickets??

Great information!!

Wow great michael.

thanks! great video!!!

i like scraping sites but many times it can be illegal when you tap on the source with PII in it.. just saying, btw, nice tutorial

Yummy yummy, time to scrape.

Very cool indeed.

I need help scraping data from a website that has a firewall. Will pay

Just be careful to use the online version, as you might disclose sensitive information public.

Very cool!

thankyouu

Cool. :)

Jason.

💯

💚

👌

First

Second

Fourth

5

third

omfg you are claiming you are 'reverse engineering' lmfao, this is pathetic...

This guy has very feminine qualities

I prefer web based APIs I only know how to use those types by loading the content into a variable and splitting the string by the values I want