All posts for: Burp

In this post, I will focus on one of the most important tools used in penetration testing — Burp Suite. I will discuss its features that support the process of identifying vulnerabilities in web applications and explain how this tool can assist in security analysis.

In this article, I aim to present another mechanism for securing API requests, the implementation of which was a significant element of a real-world project. The discussed mechanism stands out with an additional layer of security through encrypting request content using RSA keys. This serves as an extra protective measure that can effectively complement the standard HTTPS protocol. Furthermore, digital signatures using RSA keys will be introduced as the icing on the cake in the later part of the article, ensuring the integrity verification of the messages we send. All communication will also be further secured against potential replay attacks.

In this article, I would like to describe the API request security mechanism that I encountered in one of my projects. This mechanism uses RSA keys to verify the integrity of requests and also incorporates an additional security feature against replay attacks.