Credential Harvesting via Postman

Postman is an API platform for developers to design, build and test their APIs. The platform allows users to work in teams and organizations, giving them the option to share their workspace over the Internet. One of its features is the ability to organize requests (GET, POST, PATCH, etc.) on different 'pages', with the option to define request parameters, headers, authorization, body and tests. The issue arises when those request parameters are populated directly with values such as passwords, API tokens and secrets, in a workspace that has been shared publicly....
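A pre-sharing check for exactly the problem described above, as an added example (not code from the original post or from Postman): it walks a Postman Collection v2.1 export and reports headers, query parameters and auth fields whose names look credential-bearing but hold literal values instead of `{{variable}}` references. The collection JSON below is constructed sample data; the name patterns in `SECRET_KEY` are an assumption to tune per team.

```python
import json
import re

# Constructed Postman Collection v2.1 export (sample data, not a real workspace).
SAMPLE_COLLECTION = json.dumps({
    "item": [
        {"name": "Auth", "item": [{"name": "Login", "request": {
            "header": [{"key": "X-Api-Key", "value": "sk_live_EXAMPLE0123456789"}],
            "url": {"raw": "https://api.example.com/login?password=Hunter2!",
                    "query": [{"key": "password", "value": "Hunter2!"}]},
            "auth": {"type": "bearer", "bearer": [{"key": "token", "value": "{{access_token}}"}]},
        }}]},
        {"name": "Profile", "request": {
            "header": [{"key": "Accept", "value": "application/json"}],
            "url": {"raw": "https://api.example.com/me", "query": []},
        }},
    ],
})

# Parameter names that usually carry credentials; a {{variable}} reference is the safe alternative.
SECRET_KEY = re.compile(r"pass(word)?|secret|token|api[-_]?key|authorization", re.I)
VARIABLE_REF = re.compile(r"^\{\{[^}]+\}\}$")


def _credential_slots(request):
    """Yield (location, key, value) for every place a request can hold a literal credential."""
    if not isinstance(request, dict):  # Postman also allows a bare URL string as the request
        return
    for h in request.get("header") or []:
        yield "header", h.get("key", ""), h.get("value", "")
    url = request.get("url")
    if isinstance(url, dict):
        for q in url.get("query") or []:
            yield "query", q.get("key", ""), q.get("value", "")
    auth = request.get("auth") or {}
    for entry in auth.get(auth.get("type", "")) or []:  # e.g. auth["bearer"], auth["basic"]
        yield "auth", entry.get("key", ""), entry.get("value", "")


def find_hardcoded_secrets(collection_json):
    """Return [(item path, location, key)] for secret-like parameters that hold literal values."""
    findings = []
    def walk(items, path):
        for item in items:
            name = f"{path}/{item.get('name', '')}" if path else item.get("name", "")
            if "item" in item:  # a folder: recurse into its nested requests
                walk(item["item"], name)
                continue
            for location, key, value in _credential_slots(item.get("request")):
                if SECRET_KEY.search(key) and value and not VARIABLE_REF.match(value):
                    findings.append((name, location, key))
    walk(json.loads(collection_json).get("item", []), "")
    return findings
```

Running it over the sample flags the `X-Api-Key` header and the `password` query parameter of `Auth/Login`, while the bearer token is left alone because it references a variable rather than a literal.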

August 28, 2022 · 2 min