Engineering notes from the trenches.
Reverse-engineering APIs, automation that survives production, security research, and honest takes on the tools I ship with.
Reverse-engineering APIs, automation that survives production, security research, and honest takes on the tools I ship with.
4 posts ← reset filters
Before I integrate with any API — official or reverse-engineered — I run through this checklist to avoid surprises later.
JWTs are meant to be opaque to users. They're not. Here's what I learn about your architecture just by decoding one.
A practical walkthrough of the methodology I use when there's no documentation: capturing traffic, mapping endpoints, and validating assumptions before writing a single line of automation.
DevTools shows you everything, which is the problem. Here's how I filter signal from noise when reverse-engineering a web application's API.