Simply enter your keyword and we will help you find what you need.

What are you looking for?

API Testing

← Back to timetable

MAIN TRACK TALK

From Console to Contract: Ethical API Hacking & Debugging That Wins Practical API testing, DevTools tricks and a true endpoint-hacking story that led to a client win.

This talk bridges testing and security in a practical, non-theoretical way. It’s targeted at QA engineers who want to expand beyond UI-only checks, strengthen their API testing skills, and use browser tools as part of daily triage and testing workflows.

Modern QA work requires more than assertions and UI checks – it requires understanding how the application communicates, how APIs can be tested (and misused), and how to use built-in browser tools (Console, Network, DevTools, etc…) to speed up investigation and root-cause analysis. This talk covers pragmatic techniques for validating and hardening APIs, finding insecure endpoints, and using Console/Network to turn observations into reliable tests and bug reports.


What you’ll learn


Design focused API tests (requests, schemas, status codes, edge cases) that increase coverage and reduce flaky UI dependencies.


Use browser DevTools (Console, Network, Application) to discover hidden API calls, replay traffic, and extract payloads for automated tests.


Apply basic ethical “hacking” checks on endpoints: input fuzzing, parameter tampering, authorization checks, and response analysis (without destructive testing).


Convert manual findings into automated checks (Postman, examples) and meaningful bug reports. Adopt 'common sense' heuristics for triaging issues quickly (how to prioritise, when to escalate to security, when to write regression tests).


Session details

Track 2

12:00h - 12:45h · May 28th

40 min talk + 5 min Q&A

API Testing, Ethical Hacking

General Level

Talk in English, Translated to Spanish

A short note from Cedomir on his talk

cedomir_zivkovic

Cedomir Zivkovic

Cedomir had the opportunity to work with several companies, including Vast, Hyperoptic, Zepter, Tatatu, and Strabag. In his current role as a Senior QA Engineer (Mentor & Lead), he’s passionate about software testing and quality improvement. Cedomir focus is on gaining a deep understanding of user needs and ensuring quality across all layers of an application – from API, Frontend, and Database, to Automation, Gateway, ESP, and ERP systems. He also has strong expertise in analysing application communication and traffic between endpoints to ensure reliability and performance.

expo:QA® is organised by NEXO QA

Newsletter Sign-up

    Code of Conduct  ·  Privacy Policy  ·  T&C

    Follow Us