Comment by iansinnott
Comment by iansinnott 2 days ago
In short: Don't use HTML endpoints, use APIs.
This is not always possible, but if the product in question has a mobile app or a wearable talking to a server, you might be able to utilize the same API it's using:
- intercept requests from the device - find relevant auth headers/cookies/params - use that auth to access the API