Reverse Engineering the We Heart It API

Introduction

A while back, I came across the article from the The Washington Post describing We Heart It, a social network claiming over 30 million users. If you haven’t seen it, We Heart It (from here on out abbreviated as WHI) is a social network which encourages people to post and share photos and images of things that inspire them.

Having such a large user-base, I was interested in seeing what kind of API the site offered developers. However, I was disappointed when I found out that the API was closed to “partners”, and even this is not a full REST API, but rather a simple button developers can place on their website to allow users to interact with WHI.

With this being the case, I decided to take a look at the Android and iPhone apps using both static and dynamic analysis in an experiment to see if I could reverse engineer the API used on the backend. Here are the results.

Read More