Synopsis
Web applications are increasingly using the query language GraphQL to share data, but the security of these useful APIs is lagging behind. Authored by the developers of widely used GraphQL security-testing tools, Black Hat GraphQL will teach you how to find and exploit flaws in this technology. Early chapters provide in-depth knowledge of GraphQL and its query language, as well as its potential security pitfalls. Readers will then be guided through setting up a hacking lab for targeting GraphQL applications using specialized GraphQL security tools. They will learn how to conduct offensive security tests against production GraphQL systems by gleaning information from GraphQL implementations during reconnaissance and probing them for vulnerabilities, like injections, information disclosure, and Denial of Service.
"synopsis" may belong to another edition of this title.
About the Author
Dolev Farhi is a security engineer and author of Black Hat Bash (No Starch Press, forthcoming in 2025). He has extensive experience leading security engineering teams in the Fintech and cybersecurity industries and is currently a distinguished security engineer at Palo Alto Networks, where he builds defenses for the largest cybersecurity company in the world. He has provided training for official Linux certification tracks and, in his spare time, enjoys researching vulnerabilities in IoT devices and building open source offensive security tools.
Nick Aleks is a leader in Toronto's cybersecurity community and a distinguished and patented security engineer, speaker, and researcher. He is currently the Senior Director of Security at Wealthsimple, leads his own security firm, ASEC.IO, and is a Senior Advisory Board member for HackStudent, George Brown, and the University of Guelph’s Master of Cybersecurity and Threat Intelligence programs. A founder of DEFCON Toronto, he specializes in offensive security and penetration testing and has over 10 years of experience hacking everything from websites, safes, locks, cars, drones, and even smart buildings.
"About this title" may belong to another edition of this title.
Search results for Black Hat GraphQL: Attacking Next Generation APIs
Stock Image
Black Hat GraphQL: Attacking Next Generation APIs
Seller: Bellwetherbooks, McKeesport, PA, U.S.A.
Seller rating 5 out of 5 stars
paperback. Condition: Very Good. Very Good Condition - May show some limited signs of wear and may have a remainder mark. Pages and dust cover are intact and not marred by notes or highlighting. Seller Inventory # mon0000005031
Stock Image
Black Hat GraphQL: Attacking Next Generation APIs
Seller: Bellwetherbooks, McKeesport, PA, U.S.A.
Seller rating 5 out of 5 stars
paperback. Condition: Good. Crease/tear to cover. Seller Inventory # mon0000015570
Stock Image
Black Hat GraphQL: Attacking Next Generation APIs
Seller: suffolkbooks, Center moriches, NY, U.S.A.
Seller rating 5 out of 5 stars
paperback. Condition: Very Good. Fast Shipping - Safe and Secure 7 days a week! Seller Inventory # mon0000006482
Seller Image
Black Hat GraphQL: Attacking Next Generation APIs
Seller: Goodwill of Silicon Valley, SAN JOSE, CA, U.S.A.
Seller rating 5 out of 5 stars
Condition: good. Supports Goodwill of Silicon Valley job training programs. The cover and pages are in Good condition! Any other included accessories are also in Good condition showing use. Use can include some highlighting and writing, page and cover creases as well as other types visible wear. Seller Inventory # GWSVV.1718502842.G
Stock Image
Black Hat GraphQL: Attacking Next Generation APIs
Seller: Bellwetherbooks, McKeesport, PA, U.S.A.
Seller rating 5 out of 5 stars
paperback. Condition: Fine. LIKE NEW!!! Has a red or black remainder mark on bottom/exterior edge of pages. Seller Inventory # mon0000015599
Seller Image
Black Hat GraphQL : Attacking Next Generation APIs
Seller: GreatBookPrices, Columbia, MD, U.S.A.
Seller rating 5 out of 5 stars
Condition: As New. Unread book in perfect condition. Seller Inventory # 44680660
Stock Image
Black Hat GraphQL : Attacking Next Generation APIs
Seller: GreatBookPrices, Columbia, MD, U.S.A.
Seller rating 5 out of 5 stars
Condition: New. Seller Inventory # 44680660-n
Seller Image
Black Hat GraphQL (Paperback)
Published by
No Starch Press,US, San Francisco, 2023
ISBN 10: 1718502842
ISBN 13: 9781718502840
New
Paperback
Seller: Grand Eagle Retail, Bensenville, IL, U.S.A.
Seller rating 5 out of 5 stars
Paperback. Condition: new. Paperback. Written by hackers for hackers, this hands-on book teaches penetration testers how to identify vulnerabilities in apps that use GraphQL, a data query and manipulation language for APIs adopted by major companies like Facebook and GitHub.Written by hackers for hackers, this hands-on book teaches penetration testers how to identify vulnerabilities in apps that use GraphQL, a data query and manipulation language for APIs adopted by major companies like Facebook and GitHub.Black Hat GraphQL is for anyone interested in learning how to break and protect GraphQL APIs with the aid of offensive security testing. Whether you're a penetration tester, security analyst, or software engineer, you'll learn how to attack GraphQL APIs, develop hardening procedures, build automated security testing into your development pipeline, and validate controls, all with no prior exposure to GraphQL required.Following an introduction to core concepts, you'll build your lab, explore the difference between GraphQL and REST APIs, run your first query, and learn how to create custom queries.You'll also learn how to-Use data collection and target mapping to learn about targetsDefend APIs against denial-of-service attacks and exploit insecure configurations in GraphQL servers to gather information on hardened targetsImpersonate users and take admin-level actions on a remote serverUncover injection-based vulnerabilities in servers, databases, and client browsersExploit cross-site and server-side request forgery vulnerabilities, as well as cross-site WebSocket hijacking, to force a server to request sensitive information on your behalfDissect vulnerability disclosure reports and review exploit code to reveal how vulnerabilities have impacted large companiesThis comprehensive resource provides everything you need to defend GraphQL APIs and build secure applications. Think of it as your umbrella in a lightning storm. Shipping may be from multiple locations in the US or from the UK, depending on stock availability. Seller Inventory # 9781718502840
Stock Image
BlackHatGraphQL Format: Paperback
Seller: INDOO, Avenel, NJ, U.S.A.
Seller rating 5 out of 5 stars
Condition: New. Seller Inventory # 9781718502840
Stock Image
BlackHatGraphQL Format: Paperback
Seller: INDOO, Avenel, NJ, U.S.A.
Seller rating 5 out of 5 stars
Condition: As New. Unread copy in mint condition. Seller Inventory # RH9781718502840