arainho/awesome-api-security

Beginner's Guide to API Hacking

Contextual Content Discovery: You've forgotten about the API endpoints

microsoft/restler-fuzzer

API Tokens: A Tedious Survey

API security design best practices for enterprise and public cloud