Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Reverse Engineering APIs
Search
APItools
May 30, 2014
Technology
0
45
Reverse Engineering APIs
By @_mikz and Raimon Grau
At APIDays Mediterranea 2014
APItools
May 30, 2014
Tweet
Share
More Decks by APItools
See All by APItools
Enhance Mobile Dev With APItools
apitools
0
43
A Taste of Lua
apitools
0
190
Using 3rd party APIs in car apps
apitools
0
33
Making Hacker's Life Easier At Hackathons
apitools
0
45
Tips To Rock At Hackathons
apitools
0
220
Doing API Magic on NGINX
apitools
0
71
Other Decks in Technology
See All in Technology
Agile Leadership Summit Keynote 2026
m_seki
1
340
Introduction to Bill One Development Engineer
sansan33
PRO
0
360
2026年、サーバーレスの現在地 -「制約と戦う技術」から「当たり前の実行基盤」へ- /serverless2026
slsops
2
210
インフラエンジニア必見!Kubernetesを用いたクラウドネイティブ設計ポイント大全
daitak
0
320
(金融庁共催)第4回金融データ活用チャレンジ勉強会資料
takumimukaiyama
0
120
仕様書駆動AI開発の実践: Issue→Skill→PRテンプレで 再現性を作る
knishioka
2
580
OCI Database Management サービス詳細
oracle4engineer
PRO
1
7.3k
Oracle Cloud Observability and Management Platform - OCI 運用監視サービス概要 -
oracle4engineer
PRO
2
14k
クレジットカード決済基盤を支えるSRE - 厳格な監査とSRE運用の両立 (SRE Kaigi 2026)
capytan
6
2.5k
MySQLのJSON機能の活用術
ikomachi226
0
150
toCプロダクトにおけるAI機能開発のしくじりと学び / ai-product-failures-and-learnings
rince
6
5.5k
ZOZOにおけるAI活用の現在 ~開発組織全体での取り組みと試行錯誤~
zozotech
PRO
4
4.8k
Featured
See All Featured
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
133
19k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
12
1k
How to train your dragon (web standard)
notwaldorf
97
6.5k
A brief & incomplete history of UX Design for the World Wide Web: 1989–2019
jct
1
290
Applied NLP in the Age of Generative AI
inesmontani
PRO
4
2k
Amusing Abliteration
ianozsvald
0
96
AI Search: Implications for SEO and How to Move Forward - #ShenzhenSEOConference
aleyda
1
1.1k
The Director’s Chair: Orchestrating AI for Truly Effective Learning
tmiket
1
96
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
46
2.7k
The Straight Up "How To Draw Better" Workshop
denniskardys
239
140k
Rails Girls Zürich Keynote
gr2m
96
14k
Lightning talk: Run Django tests with GitHub Actions
sabderemane
0
110
Transcript
Reverse Engineering APIs Raimon Grau & Michal Cichra 3scale
Inspecting APIs github.com/kidd & github.com/mikz 3scale
Debugging APIs
[email protected]
&
[email protected]
3scale
APIs Everywhere
Get in touch!
[email protected]
Cases of study • ‘Hidden’ API:
Sonos • Combining APIs: Bicing on steroids
Get in touch!
[email protected]
Sonos
Get in touch!
[email protected]
Sonos
Get in touch!
[email protected]
Sonos
Get in touch!
[email protected]
Sonos
Get in touch!
[email protected]
Sonos
Demotime!
Yay! :) or nay :(
Get in touch!
[email protected]
What else you could do? •
Transfer song from Spotify to the Sonos • Backup playlists • Stream the music to remote locations • Vote the songs added to the queue
Get in touch!
[email protected]
Case 2: Api aggregation Bicing +
Google Maps Source: Carlos Mejía Greene https://www.flickr.com/photos/carlitos/3101121106/ CC BY-NC-SA 2.0
Get in touch!
[email protected]
Improvements • Reduce transfer size •
Reduce roundtrips • Improve accuracy by getting info from multiple sources • Improve API interface
Get in touch!
[email protected]
Api Aggregation Mobile app Middleware Web
APIs requests responses
Get in touch!
[email protected]
Api Aggregation Mobile app Middleware Web
APIs requests responses http://techblog.netflix.com/2013/01/optimizing-netflix-api.html
Demotime!
Get in touch!
[email protected]
How we improved? Size Savings Response
time Original XML 131k ~0.7s JSON 80k 39% ~0.7s JSON with distances 91k 30% ~0.7s nearest 10 5k 96% ~0.8s
Get in touch!
[email protected]
What APIs to combine? Hue +
Google Calendar Google Maps + Foursquare Sonos + Last.fm Dropbox + Github Almost any, actually
Get in touch!
[email protected]
What do we get from it?
• As hackers we like to know what’s under the hood • Cross API • We can ‘discover’ hidden APIs. :) • It’s fun! • We can improve performance by aggregating multiple calls.
Get in touch!
[email protected]
Special Treat Primavera Sound Festival 2014
fake apps on Google Play Store real iOS app with a twist
Thank You and Happy Hacking! www.apitools.com @apitools -
[email protected]
[email protected]
/
[email protected]
apitools
m_seki
sansan33
slsops
daitak
takumimukaiyama
knishioka
oracle4engineer
capytan
ikomachi226
rince
zozotech
morganepeng
tammyeverts
notwaldorf
jct
inesmontani
ianozsvald
aleyda
tmiket
bcantrill
denniskardys
gr2m
sabderemane
![Debugging APIs [email protected] & [email protected] 3scale](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_2.jpg){kind=link}
![Get in touch! [email protected] Cases of study • ‘Hidden’ API:](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_4.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_5.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_6.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_7.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_8.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_9.jpg){kind=link}
![Get in touch! [email protected] What else you could do? •](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_12.jpg){kind=link}
![Get in touch! [email protected] Case 2: Api aggregation Bicing +](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_13.jpg){kind=link}
![Get in touch! [email protected] Improvements • Reduce transfer size •](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_14.jpg){kind=link}
![Get in touch! [email protected] Api Aggregation Mobile app Middleware Web](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_15.jpg){kind=link}
![Get in touch! [email protected] Api Aggregation Mobile app Middleware Web](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_16.jpg){kind=link}
![Get in touch! [email protected] How we improved? Size Savings Response](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_18.jpg){kind=link}
![Get in touch! [email protected] What APIs to combine? Hue +](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_19.jpg){kind=link}
![Get in touch! [email protected] What do we get from it?](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_20.jpg){kind=link}
![Get in touch! [email protected] Special Treat Primavera Sound Festival 2014](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_21.jpg){kind=link}
![Thank You and Happy Hacking! www.apitools.com @apitools - [email protected] [email protected]](https://files.speakerdeck.com/presentations/dd8f0eb0f3dc01316a125e125a32493a/slide_22.jpg){kind=link}