A review by tim_ohearn
Hacking APIs: Breaking Web Application Programming Interfaces by Corey J Ball

5.0

I can confidently say that if I encountered this as a 13-year-old Googling how to be a computer hacker, the book likely would have changed the course of my life. Even if you are not particularly interested in API security or building cross-API products, Hacking APIs scratches that primal itch to break in and break things.

There is immense value in some of the products and services built upon the exploitation of APIs. As a result, there is very little reciprocity between teachers and students. Shady characters hound experienced engineers and pen testers, carve out their little niches, and then disappear. Everyone seems to be in it for themselves aside from Corey Ball.

I've created some useful and profitable systems, including one powered by my own version of the AWS IP rotator described at the end of chapter 13. It's weird yet gratifying seeing nearly identical step-by-step instructions for something I built years ago appear in a book and be available to a wider audience (to be clear: IP-based rate limiting isn't a hard problem, just one that someone with no programming experience would have no idea how to solve). While I'm not truly an expert and have been a shadowy profiteer, the effort behind this book must have been immense. I have no doubt that the author has mastered this subject.

Hacking APIs receives a strong recommendation from this washed-up reviewer.