Most of the modern applications that have been developed in the last years deeply rely on APIs, including web, mobile and IOT apps. APIs are different than traditional web servers in many ways. This change might be confusing and challenging for pentesters and security researches.
Come to learn how to leverage the new battleground to your advantage and:
1. Understand the underlying implementation of the application from the API traffic
2. Detect potential vulnerable points in APIs
3. Perform a successful and effective pen test in modern applications