Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Reverse Engineering APIs
Search
APItools
May 30, 2014
Technology
0
45
Reverse Engineering APIs
By @_mikz and Raimon Grau
At APIDays Mediterranea 2014
APItools
May 30, 2014
Tweet
Share
More Decks by APItools
See All by APItools
Enhance Mobile Dev With APItools
apitools
0
43
A Taste of Lua
apitools
0
190
Using 3rd party APIs in car apps
apitools
0
33
Making Hacker's Life Easier At Hackathons
apitools
0
45
Tips To Rock At Hackathons
apitools
0
220
Doing API Magic on NGINX
apitools
0
71
Other Decks in Technology
See All in Technology
月間数億レコードのアクセスログ基盤を無停止・低コストでAWS移行せよ!アプリケーションエンジニアのSREチャレンジ💪
miyamu
0
800
CDK対応したAWS DevOps Agentを試そう_20260201
masakiokuda
1
190
データ民主化のための LLM 活用状況と課題紹介(IVRy の場合)
wxyzzz
2
660
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
10k
What happened to RubyGems and what can we learn?
mikemcquaid
0
240
Context Engineeringが企業で不可欠になる理由
hirosatogamo
PRO
3
390
Bill One 開発エンジニア 紹介資料
sansan33
PRO
4
17k
日本語テキストと音楽の対照学習の技術とその応用
lycorptech_jp
PRO
1
420
プロダクト成長を支える開発基盤とスケールに伴う課題
yuu26
4
1.3k
学生・新卒・ジュニアから目指すSRE
hiroyaonoe
2
540
SREが向き合う大規模リアーキテクチャ 〜信頼性とアジリティの両立〜
zepprix
0
400
usermode linux without MMU - fosdem2026 kernel devroom
thehajime
0
210
Featured
See All Featured
Making the Leap to Tech Lead
cromwellryan
135
9.7k
How to build a perfect <img>
jonoalderson
1
4.9k
Jamie Indigo - Trashchat’s Guide to Black Boxes: Technical SEO Tactics for LLMs
techseoconnect
PRO
0
55
Discover your Explorer Soul
emna__ayadi
2
1.1k
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
baasie
0
220
Color Theory Basics | Prateek | Gurzu
gurzu
0
190
Primal Persuasion: How to Engage the Brain for Learning That Lasts
tmiket
0
240
Believing is Seeing
oripsolob
1
53
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
46
2.7k
Six Lessons from altMBA
skipperchong
29
4.1k
Rails Girls Zürich Keynote
gr2m
96
14k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.6k
Transcript
Reverse Engineering APIs Raimon Grau & Michal Cichra 3scale
Inspecting APIs github.com/kidd & github.com/mikz 3scale
Debugging APIs
[email protected]
&
[email protected]
3scale
APIs Everywhere
Get in touch!
[email protected]
Cases of study • ‘Hidden’ API:
Sonos • Combining APIs: Bicing on steroids
Get in touch!
[email protected]
Sonos
Get in touch!
[email protected]
Sonos
Get in touch!
[email protected]
Sonos
Get in touch!
[email protected]
Sonos
Get in touch!
[email protected]
Sonos
Demotime!
Yay! :) or nay :(
Get in touch!
[email protected]
What else you could do? •
Transfer song from Spotify to the Sonos • Backup playlists • Stream the music to remote locations • Vote the songs added to the queue
Get in touch!
[email protected]
Case 2: Api aggregation Bicing +
Google Maps Source: Carlos Mejía Greene https://www.flickr.com/photos/carlitos/3101121106/ CC BY-NC-SA 2.0
Get in touch!
[email protected]
Improvements • Reduce transfer size •
Reduce roundtrips • Improve accuracy by getting info from multiple sources • Improve API interface
Get in touch!
[email protected]
Api Aggregation Mobile app Middleware Web
APIs requests responses
Get in touch!
[email protected]
Api Aggregation Mobile app Middleware Web
APIs requests responses http://techblog.netflix.com/2013/01/optimizing-netflix-api.html
Demotime!
Get in touch!
[email protected]
How we improved? Size Savings Response
time Original XML 131k ~0.7s JSON 80k 39% ~0.7s JSON with distances 91k 30% ~0.7s nearest 10 5k 96% ~0.8s
Get in touch!
[email protected]
What APIs to combine? Hue +
Google Calendar Google Maps + Foursquare Sonos + Last.fm Dropbox + Github Almost any, actually
Get in touch!
[email protected]
What do we get from it?
• As hackers we like to know what’s under the hood • Cross API • We can ‘discover’ hidden APIs. :) • It’s fun! • We can improve performance by aggregating multiple calls.
Get in touch!
[email protected]
Special Treat Primavera Sound Festival 2014
fake apps on Google Play Store real iOS app with a twist
Thank You and Happy Hacking! www.apitools.com @apitools -
[email protected]
[email protected]
/
[email protected]
apitools
miyamu
masakiokuda
wxyzzz
fullkaiten
mikemcquaid
hirosatogamo
sansan33
lycorptech_jp
yuu26
hiroyaonoe
zepprix
thehajime
cromwellryan
jonoalderson
techseoconnect
emna__ayadi
baasie
gurzu
tmiket
oripsolob
bcantrill
skipperchong
gr2m
philnash
![Debugging APIs [email protected] & [email protected] 3scale](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_2.jpg){kind=link}
![Get in touch! [email protected] Cases of study • ‘Hidden’ API:](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_4.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_5.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_6.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_7.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_8.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_9.jpg){kind=link}
![Get in touch! [email protected] What else you could do? •](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_12.jpg){kind=link}
![Get in touch! [email protected] Case 2: Api aggregation Bicing +](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_13.jpg){kind=link}
![Get in touch! [email protected] Improvements • Reduce transfer size •](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_14.jpg){kind=link}
![Get in touch! [email protected] Api Aggregation Mobile app Middleware Web](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_15.jpg){kind=link}
![Get in touch! [email protected] Api Aggregation Mobile app Middleware Web](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_16.jpg){kind=link}
![Get in touch! [email protected] How we improved? Size Savings Response](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_18.jpg){kind=link}
![Get in touch! [email protected] What APIs to combine? Hue +](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_19.jpg){kind=link}
![Get in touch! [email protected] What do we get from it?](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_20.jpg){kind=link}
![Get in touch! [email protected] Special Treat Primavera Sound Festival 2014](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_21.jpg){kind=link}
![Thank You and Happy Hacking! www.apitools.com @apitools - [email protected] [email protected]](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_22.jpg){kind=link}