WSTG - Latest on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.
Zip Bombs are a thing of the past, but the concept behind them is still relevant nowadays. Indeed, your GraphQL application might be vulnerable to what we'll call GraphQL Bombs in this article. Read on to know if you're vulnerable and how to secure your GraphQL application!
How do zip
A curated list of awesome GraphQL Security frameworks, libraries, software and resources - GitHub - Escape-Technologies/awesome-graphql-security
I am back with another part of the Hacking GraphQL series. We have already gone through the basics in the previous post. I highly recommend you go through that post, if you have not already. In this blog we will go through a demo application called Generic University, created by the awesome InsiderPHD, to understand some basic bugs and craft a methodology to test GraphQL.
In this part one of the GraphQL Hacking series, I will be going through some basics of GraphQL to understand the technology better, and in the next part we will actually be hacking a demo application. There are tons of good resources available; the official documentation especially is top notch. This blog is just an overview of the technology and how to use available resources for best results. So let's begin …