Reverse Engineering a Private API with mitmproxy

preview_player
Показать описание
Welcome to my very first video. Developers can often struggle to find the data they need for their personal projects due to certain services locking down their API's.

So I wanted to show you a way you can get the data you need. Please do not abuse this method as I take no responsibility for your actions.

It's worthy to note that this will not work for all applications as they may use 'Certificate Pinning' to which you'll need an Android or Jailbroken iOS device.

Hope you enjoy!

My Gear

  1. Cyris Cloete
  2. Coding
  3. Programming
  4. API
Рекомендации по теме
Hacking/Reverse Engineering a 0:06:35

Hacking/Reverse Engineering a PRIVATE api

Reverse Engineering a 0:08:25

Reverse Engineering a Private API with mitmproxy

HakByte: How to 0:14:59

HakByte: How to use Postman to Reverse Engineer Private APIs

How To: Reverse 0:11:47

How To: Reverse Engineer Any Private API (iOS/Android and Desktop)

Reverse Engineering a 0:26:54

Reverse Engineering a Private API | Joyce Lin | CascadiaJS 2022

Reverse Engineering an 0:25:54

Reverse Engineering an API

Master Website Reverse 0:27:03

Master Website Reverse Engineering: Access Backend APIs for FREE | Ethical Hacking Tutorial @pyguru

Hacking Trading View's 0:17:39

Hacking Trading View's API pt.1 (API Reverse engineering)

Security in Odoo's 1:01:15

Security in Odoo's Framework

Reverse Engineering a 0:00:43

Reverse Engineering a Private API with Rotating Proxy as a Feature

Reverse engineering undocumented 0:05:03

Reverse engineering undocumented APIs for use in Javascript

everything is open 0:13:56

everything is open source if you can reverse engineer (try it RIGHT NOW!)

Reverse Engineering Instagram's 0:47:50

Reverse Engineering Instagram's Private API Scraper [Re: WesBos]

Always Check for 0:11:50

Always Check for the Hidden API when Web Scraping

How to Prevent 0:00:46

How to Prevent Reverse Engineering of Your App?

Free Hacking API 0:53:46

Free Hacking API courses (And how to use AI to help you hack)

Reverse engineering an 0:06:22

Reverse engineering an API: using the Postman proxy

Beyond Automation Basics: 0:14:35

Beyond Automation Basics: Reverse Engineering a Private API (Canopy Tax)

Web Scraping + 0:52:33

Web Scraping + Reverse Engineering APIs

Web Scrapping Hacking 0:05:48

Web Scrapping Hacking hidden Api keys | Brainy Quotes | Python

Hacking Trading Views 0:14:15

Hacking Trading Views API pt.2 (API reverse engineering)

Looking for Secrets 0:06:02

Looking for Secrets in Disassembled Android APKs (I found one)

Finding hidden API 0:06:13

Finding hidden API of HM.com to web scrape all products

How to reverse 0:16:29

How to reverse engineer android apps (Tutorial)

Комментарии
Автор

Thanks for the super helpful video. Short but in depth and very clear to understand. Hope to see more from you soon!

Oscar-cwso
Автор

Congrats bro. More guts then me to put myself up on here! Keep it up :)

Wackybackydonaldduck
Автор

Just upload every week at lest I liked your video was simple and fast

Hotatoes
Автор

Thank you for the very good explanation. I reverse engineering the BYD app for my BYD car. I have installed the certificate on an iPhone as you explaint that. But if I start the BYD app it gives an network error and the app can't login. What can I do?

kadir
Автор

Do you think mitm can recognize and potentially capture traffic from bluestack

vaster
Автор

Isnt it easier to use postman instead of the node server? Great video btw! Thanks.

amyqb
Автор

Hi dude, I just want to say thanks for the video. It was well made and you did a good job of explaining what mitmproxy is and how to install it. I'll subscribe and I hope to see more videos from you. Keep it up!

tamboyistheman
Автор

Can someone make a video on how to remove a man-in-the-middle

NecerTrucompnerdd-gebd
Автор

The video was great cyrus! I am also learning editing to post my first tutorial.

tanveshsarve
Автор

Thanks for this, its pretty much exactly what I did to reverse engineer an API used to read my Solar Inverter's data that's being sent to the cloud. I now want to take it a step further by reverse engineering the data logger which is connected to my home WIFI. Like most IOT devices it does not have a proxy setting. So instead I want to try use MITMProxy in transparent mode. By setting the default gateway on the data logger to my Kali box. I'm pretty sure the datalogger make use of insecure SSL so i'm hoping that I will be able to capture the API calls without a root cert. Do you perhaps feel like creating a tutorial ? I have tried, once i set the default gateway on the data logger to point to my Kali machine it not longer has internet and MITMproxy does not show any connections. An yes I have set iptable rules to forward 80 and 443 to mitmproxy port 8080

Mailmartinviljoen
Автор

Great video! How did you get your camera just a circle?

Pacifica.Obscura
Автор

can we do the same to capture the traffic of a specific windows application?
for example you suspect a certain (.exe) legitimacy and instead of capturing everything
because capturing everything will be a very large overwhelming data capture with million of lines since a lot of other softwares are running in the background such as chrome .. extra

DoctorMGL
Автор

Short, sweet and to the point. Nicely done. Hope to see more

puppyscams
Автор

How can i access the source you used in video ? I am windows does it works in?

medicalism
Автор

So thankful to found your video. You have a talent to explain difficult things ! You channel will grow quickly! HQ content

Hole to see more from you. Have a great day.

sakisaki
Автор

Please teach how can i ise in windows?

medicalism
Автор

Great job! I found you from Twitter :)

Is there any difference between MITM and Fiddler?

ChrisGraves
Автор

great video, can you tell me how to get that flame effect on vs code?

KendaBeatMaker
Автор

is there a way to sniff out websockets?

memes_gbc
Автор

Keep posting! great quality content, Im sure your channel will go places! keep it up and good luck.

ChillzKent