WHSecurePath Wayne Howlett

Skill

API Security

AuthZ correctness, abuse controls, secure defaults.

Strong82%Evidence-first

Proficiency

6 capability3 tool2 working on

Capabilities

Broken access control / IDOR prevention
LabWriteup
AuthN vs AuthZ separation (roles/scopes/claims)
Writeup
JWT/OAuth concepts + safe validation
Writeup
Rate limiting + abuse prevention patterns
Project
Audit-ready logging for auth + sensitive actions
Project
Input validation strategy + safe error handling
Project

Tools

Postman / Insomnia
Lab
OpenAPI/Swagger (design + review)
Writeup
OWASP API Top 10 (reference)
Writeup

Working On

Advanced recon exposure checks (usernames/emails/leaks)
Planned
Auth abuse case library for demos
Planned

Next steps

This page will grow into proof blocks (labs, writeups, artifacts) as you attach evidence.

Projects →Back to Skills →