  • 30953 views
  • Published 6 months ago by NahamSec

This CTF Teaches You Everything About Hacking an API

Big thank you to APISEC for sponsoring this video! Please make sure to check out all of their free resources down below ⬇️

🔗 APISEC University's free API Courses 👉🏼
RSVP for APISec's FREE API Security conference 👉🏼

📚 If you want to learn bug bounty hunting from me:
💻 If you want to practice some of my free labs and challenges:
💵 FREE $200 DigitalOcean Credit:

🔗 LINKS:

📖 MY FAVORITE BOOKS:
Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -
Hacking APIs: Breaking Web Application Programming Interfaces -
Black Hat GraphQL: Attacking Next Generation APIs -

🍿 WATCH NEXT:
If I Started Bug Bounty Hunting in 2024, I'd Do this -
2023 How to Bug Bounty -
Bug Bounty Hunting Full Time -
Hacking An Online Casino -
WebApp Pentesting/Hacking Roadmap -

MY OTHER SOCIALS:
🌍 My website -
👨‍💻 My free labs -
🐦 Twitter -
📸 Instagram -
👨‍💻 Linkedin -

WHO AM I?
If we haven't met before, hey 👋! I'm Ben, most people online know me as NahamSec. I'm a hacker turned content creator. Through my videos on this channel, I share my experience as a top hacker and bug bounty hunter to help you become a better and more efficient hacker.

FYI: Some of the links I have in the description are affiliate links that I get a percentage from.

0:00 - Intro
2:00 - Authentication
3:10 - Leaking UUID
5:09 - Information Disclosure & Automation
8:00 - API Versioning
10:00 - Privilege Escalation
11:34 - GET vs PUT to bypass restrictions
13:05 - Automating Recon Process for API Hacking
17:15 - Putting it all together