= 2019-11-10 =

== Android API Sniffer / Debug ==

* [https://developers.google.com/gdata/articles/wireshark On the Wire: Network Capture Tools for API Developers] (June 2007-06)
* [https://www.toptal.com/back-end/reverse-engineering-the-private-api-hacking-your-couch A Tutorial for Reverse Engineering Your Software's Private API: Hacking Your Couch] (2015-01-06)
* [https://medium.com/@thomas_shone/reverse-engineering-apis-from-android-apps-part-1-ea3d07b2a6c Reverse Engineering APIs from Android Apps — Part 1] (2017-03-22)
* [http://iisecurity.in/blog/344/ Reverse Engineering Android Applications] (2017-07-18)
* [http://nestedif.com/android-security/3-sniffing-https-api-traffic-nougat-7-0-newer-os-bypassing-default-os-tls-security/ 3. Sniffing HTTPS API Traffic on Nougat 7.0 & newer OS bypassing default OS TLS security] (2018-05-25)
* [https://medium.com/better-practices/reverse-engineering-an-api-403fae885303 Reverse engineering an API] (2019-01-02)

== Proxy ==

* [https://www.telerik.com/fiddler Fiddler]
  * [http://vapthacker.blogspot.com/2018/02/api-sniffing-using-fiddler.html API Sniffing using Fiddler] (2018-02-16)
* [https://www.charlesproxy.com/ Charles]
* [https://learning.getpostman.com/docs/postman/sending-api-requests/interceptor-extension/ Postman]
  * [https://chrome.google.com/webstore/detail/postman-interceptor/aicmkgpgakddgnaphhhpliifpcfhicfo?hl=en Postman Interceptor]
* [https://mitmproxy.org/ mitmproxy]

== Java API Security ==

* https://howtodoinjava.com/security/rest-api-security-guide/