Attacking own APIs to find security bugs

APIs