Inspecting traffic with Burp Suite
This next section is going to go over how we can inspect our traffic to and from the REST API we just created. Inspecting traffic with Burp Suite is crucial to network pentesting and web application penetration testing because it allows us to see all the communications over a particular connection. While we won't worry about network intercepting, we will be using many of the same techniques used in web application penetration testing.
Before we begin moving forward with inspecting traffic, we need to ensure that we do some quick housekeeping before we get started. We will need to ensure that we have deployed our AWS API gateway too so that we can learn how to intercept traffic coming to and from the REST API.
Deploying the API gateway
To get started, log back into the AWS console and go to the API that we created at the beginning of this chapter:
Click on the...