Posts

Showing posts from September, 2024

XSStrike causes error when running latest version

Roll back to the older version or consider creating a virtual environment with an older Python version.

Install pyenv:

    curl https://pyenv.run | bash

Open ~/.bashrc:

    vim ~/.bashrc

and add these lines to it:

    export PYENV_ROOT="$HOME/.pyenv"
    export PATH="$PYENV_ROOT/bin:$PATH"
    eval "$(pyenv init --path)"
    eval "$(pyenv init -)"

Reload the shell configuration, then install Python 3.8.10 and create and activate the environment:

    source ~/.bashrc
    pyenv install 3.8.10
    pyenv virtualenv 3.8.10 xsstrike-env
    pyenv activate xsstrike-env

After this you may run into an error:

    ModuleNotFoundError: No module named 'requests'

Just run this command:

    pip install requests

Now the tool will work just fine.

If it helped, consider subscribing to my YouTube channel: https://www.youtube.com/channel/UCR9txckubHGilBvNGvud_dg
I create content about bug bounty and reverse engineering.

Uninstall ZAP installed using the .sh script

The uninstall script is in the folder "/opt/zapproxy/":

    cd /opt/zapproxy/
    sudo ./uninstall

Instagram API Reverse Engineering | Bug Bounty Tips | #bugbounty

API Analysis

Reverse Engineering an API

Detailed video on my YouTube channel.

If there is no documentation, we will have to reverse-engineer the API based on our interactions. An API with several endpoints and a few methods can quickly turn into a large attack surface to map. To manage this process, build the requests under a collection so you can hack the API thoroughly. Postman can help you keep track of all of these requests.

Postman

1. Create a Workspace to save your collections.
2. Use the Capture Requests button, found at the bottom right of the Postman window, and select Enable proxy.
3. Add your target URL to the "URL must contain" field, and click the Start Capture button.
4. Use FoxyProxy to route the traffic through Postman.
5. Now browse the website as intended and go through all the functionality, like creating an account, adding a profile photo, changing email, uploading a video and so on.
6. Now go to the requests section of Postman and select all the API requests, like the ones under /api/, /v1/, etc. ...