ynvb

This is most probably an issue related with the IDA native debugger. I have opened an issue with HexRays regarding this problem, however at the moment it seems this is...

Thanks for opening the issue, taking a deeper look into that.

I have never tested it on OSX\Linux versions of IDA. Have yo tries installing networkx manually?

Good point. Agreed. This way or the other, I would personally recommend simply removing this sentence, as I believe that in the best-case scenario, it doesn't really add to the...

@planetlevel - to further strengthen your point: If this list is supposed to include only attacks unique to APIs, why is there a new "SSRF" category in this list? This...

Well, OWASP TOP-10 always stood out as an excellent way to categorize attacks. The most crucial thing about good categorization is trying to prevent overlaps as much as possible so...

I second that and completely agree with the above. I would also add and say that (regardless of whether OWASP decides to remove the "human-based" detection or not) - for...

Good point @rahulk22 - I think the closest category to this at the moment would be API-8. Perhaps it would be wise to re-review this category and try and include...

@inonshk - Here is a real-world example (it really happened. I will not disclose anything else here :) : A random guy wants to buy cheap airline tickets. He chooses...