- APIs are responsible for interacting with the back-end logic and providing a solid backbones of functions to the web apps. - A specific type of API named *Representational State Transfer (REST)* is used for a variety of purposes, including authentication. ```bash # API paths are often followed by a version number, resulting in a pattern such as\ /api_name/v1 # -p pattern --- create a simple pattern file {GOBUSTER}/v1 {GOBUSTER}/v2 --- gobuster dir -u http://$IP -w /usr/share/wordlists/dirb/big.txt -p pattern ```