OWASP Top 10 Security Issues For APIs: A Checklist
Injection (XSS, SQLi) Test your API endpoints for injection vulnerabilities by sending unexpected input that could break or alter data. You can use tools like Postman’s JSON Editor to send malformed requests and then check the response body for errors. Also, you can use tools like OWASP ZAP , Burp Suite, and Websecurify with their intercepting proxies to modify request bodies on-the-fly before they reach your API endpoint
https://t.co/B7WYPp0gqY