Black hat graphql: attacking next generation apis, nick aleks, dolev farhi, opheliar chan, more
Описание
Black Hat GraphQL
is for anyone interested in learning how to break and protect GraphQL APIs
with the aid of offensive security testing. Whether you’re a penetration
tester, security analyst, or software engineer, you’ll learn how to attack
GraphQL APIs, develop hardening procedures, build automated security testing
into your development pipeline, and validate controls, all with no prior
exposure to GraphQL required.
Following an introduction to core concepts, you’ll build your lab, explore the
difference between GraphQL and REST APIs, run your first query, and learn how
to create custom queries.
You’ll also learn how to:
Use data collection and target mapping to learn about targets
Defend APIs against denial-of-service attacks and exploit insecure
configurations in GraphQL servers to gather information on hardened targets
Impersonate users and take admin-level actions on a remote server
Uncover injection-based vulnerabilities in servers, databases, and client
browsers
Exploit cross-site and server-side request forgery vulnerabilities, as well as
cross-site WebSocket hijacking, to force a server to request sensitive
information on your behalf
Dissect vulnerability disclosure reports and review exploit code to reveal how
vulnerabilities have impacted large companies
This comprehensive resource provides everything you need to defend GraphQL
APIs and build secure applications. Think of it as your umbrella in a
lightning storm.
Також купити книгу Black Hat GraphQL: Attacking Next Generation APIs, Nick
Aleks, Dolev Farhi, Opheliar Chan, more Ви можете по посиланню
Также ищут:
