Had a very quick run through of the code and saw the API token is send in the url params. Do you know if HTB takes API token in the body of a post request?
HTTPS encrypts the url params as well as the request body so this is minor, but a lot of times url + params are logged in plaintext server side but post bodies are rarely logged.
Thanks for the library @kulinacs.
Had a very quick run through of the code and saw the API token is send in the url params. Do you know if HTB takes API token in the body of a post request?
HTTPS encrypts the url params as well as the request body so this is minor, but a lot of times url + params are logged in plaintext server side but post bodies are rarely logged.