Active defense: introducing a stateful vulnerability scanner for APIs · HackerTrans