Inhaltsangabe
Written by hackers for hackers, this hands-on book teaches penetration testers how to identify vulnerabilities in apps that use GraphQL, a data query and manipulation language for APIs adopted by major companies like Facebook and GitHub.
Black Hat GraphQL is for anyone interested in learning how to break and protect GraphQL APIs with the aid of offensive security testing. Whether you’re a penetration tester, security analyst, or software engineer, you’ll learn how to attack GraphQL APIs, develop hardening procedures, build automated security testing into your development pipeline, and validate controls, all with no prior exposure to GraphQL required.
Following an introduction to core concepts, you’ll build your lab, explore the difference between GraphQL and REST APIs, run your first query, and learn how to create custom queries.
You’ll also learn how to:
- Use data collection and target mapping to learn about targets
- Defend APIs against denial-of-service attacks and exploit insecure configurations in GraphQL servers to gather information on hardened targets
- Impersonate users and take admin-level actions on a remote server
- Uncover injection-based vulnerabilities in servers, databases, and client browsers
- Exploit cross-site and server-side request forgery vulnerabilities, as well as cross-site WebSocket hijacking, to force a server to request sensitive information on your behalf
- Dissect vulnerability disclosure reports and review exploit code to reveal how vulnerabilities have impacted large companies
This comprehensive resource provides everything you need to defend GraphQL APIs and build secure applications. Think of it as your umbrella in a lightning storm.
Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.
Über die Autorin bzw. den Autor
Dolev Farhi is a security engineer and author of Black Hat Bash (No Starch Press, forthcoming in 2025). He has extensive experience leading security engineering teams in the Fintech and cybersecurity industries and is currently a distinguished security engineer at Palo Alto Networks, where he builds defenses for the largest cybersecurity company in the world. He has provided training for official Linux certification tracks and, in his spare time, enjoys researching vulnerabilities in IoT devices and building open source offensive security tools.
Nick Aleks is a leader in Toronto's cybersecurity community and a distinguished and patented security engineer, speaker, and researcher. He is currently the Senior Director of Security at Wealthsimple, leads his own security firm, ASEC.IO, and is a Senior Advisory Board member for HackStudent, George Brown, and the University of Guelph’s Master of Cybersecurity and Threat Intelligence programs. A founder of DEFCON Toronto, he specializes in offensive security and penetration testing and has over 10 years of experience hacking everything from websites, safes, locks, cars, drones, and even smart buildings.
„Über diesen Titel“ kann sich auf eine andere Ausgabe dieses Titels beziehen.
Suchergebnisse für Black Hat GraphQL: Attacking Next Generation APIs
Beispielbild für diese ISBN
Black Hat GraphQL: API Attacks for Hackers and Pentesters
ISBN 10: 1718502842
ISBN 13: 9781718502840
Neu
Anbieter: Majestic Books, Hounslow, Vereinigtes Königreich
Verkäuferbewertung 4 von 5 Sternen
Zustand: New. Artikel-Nr. 402214268
Neu kaufen
EUR 50,06
EUR 7,48 Versand
Versand von Vereinigtes Königreich nach USA
Versand von Vereinigtes Königreich nach USA
Anzahl: 2 verfügbar
Beispielbild für diese ISBN
Black Hat Graphql: Attacking Next Generation Apis
Anbieter: Revaluation Books, Exeter, Vereinigtes Königreich
Verkäuferbewertung 5 von 5 Sternen
Paperback. Zustand: Brand New. 352 pages. 9.25x7.00x0.77 inches. In Stock. Artikel-Nr. __1718502842
Neu kaufen
EUR 53,13
EUR 14,39 Versand
Versand von Vereinigtes Königreich nach USA
Versand von Vereinigtes Königreich nach USA
Anzahl: 1 verfügbar
Beispielbild für diese ISBN
Black Hat GraphQL: Attacking Next Generation APIs
Anbieter: Kennys Bookstore, Olney, MD, USA
Verkäuferbewertung 4 von 5 Sternen
Zustand: New. 2023. Paperback. . . . . . Books ship from the US and Ireland. Artikel-Nr. V9781718502840
Neu kaufen
EUR 61,60
EUR 8,88 Versand
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: 15 verfügbar
Beispielbild für diese ISBN
Black Hat GraphQL
Anbieter: Romtrade Corp., STERLING HEIGHTS, MI, USA
Verkäuferbewertung 5 von 5 Sternen
Zustand: New. This is a Brand-new US Edition. This Item may be shipped from US or any other country as we have multiple locations worldwide. Artikel-Nr. ABNR-323779
Foto des Verkäufers
Black Hat Graphql
Verlag:
No Starch Press, 2023
ISBN 10: 1718502842
ISBN 13: 9781718502840
Neu
Kartoniert / Broschiert
Anbieter: moluna, Greven, Deutschland
Verkäuferbewertung 4 von 5 Sternen
Kartoniert / Broschiert. Zustand: New. Dolev Farhi is a security engineer and author of Black Hat Bash (No Starch Press, forthcoming in 2025). He has extensive experience leading security engineering teams in the Fintech and cybersecurity industries and is currently a distingu. Artikel-Nr. 693283499
Neu kaufen
EUR 41,42
EUR 48,99 Versand
Versand von Deutschland nach USA
Versand von Deutschland nach USA
Anzahl: 3 verfügbar
Beispielbild für diese ISBN
BLACK HAT GRAPHQL
Anbieter: Speedyhen, Hertfordshire, Vereinigtes Königreich
Verkäuferbewertung 5 von 5 Sternen
Zustand: NEW. Artikel-Nr. NW9781718502840
Neu kaufen
EUR 48,35
EUR 47,21 Versand
Versand von Vereinigtes Königreich nach USA
Versand von Vereinigtes Königreich nach USA
Anzahl: 2 verfügbar
Foto des Verkäufers
Black Hat GraphQL | Attacking Next Generation APIs
Anbieter: preigu, Osnabrück, Deutschland
Verkäuferbewertung 5 von 5 Sternen
Taschenbuch. Zustand: Neu. Black Hat GraphQL | Attacking Next Generation APIs | Nick Aleks (u. a.) | Taschenbuch | Einband - flex.(Paperback) | Englisch | 2023 | Random House LLC US | EAN 9781718502840 | Verantwortliche Person für die EU: Springer Fachmedien Wiesbaden GmbH, Postfach:15 46, 65189 Wiesbaden, info[at]bod[dot]de | Anbieter: preigu. Artikel-Nr. 123550830
Neu kaufen
EUR 43,75
EUR 70,00 Versand
Versand von Deutschland nach USA
Versand von Deutschland nach USA
Anzahl: 1 verfügbar
Foto des Verkäufers
Black Hat GraphQL
Verlag:
Random House LLC US Mai 2023, 2023
ISBN 10: 1718502842
ISBN 13: 9781718502840
Neu
Taschenbuch
Anbieter: buchversandmimpf2000, Emtmannsberg, BAYE, Deutschland
Verkäuferbewertung 5 von 5 Sternen
Taschenbuch. Zustand: Neu. Neuware -Written by hackers for hackers, this hands-on book teaches penetration testers how to identify vulnerabilities in apps that use GraphQL, a data query and manipulation language for APIs adopted by major companies like Facebook and GitHub.Black Hat GraphQL is for anyone interested in learning how to break and protect GraphQL APIs with the aid of offensive security testing. Whether you're a penetration tester, security analyst, or software engineer, you'll learn how to attack GraphQL APIs, develop hardening procedures, build automated security testing into your development pipeline, and validate controls, all with no prior exposure to GraphQL required.Following an introduction to core concepts, you'll build your lab, explore the difference between GraphQL and REST APIs, run your first query, and learn how to create custom queries.You'll also learn how to:Libri GmbH, Europaallee 1, 36244 Bad Hersfeld 282 pp. Englisch. Artikel-Nr. 9781718502840
Neu kaufen
EUR 55,50
EUR 60,00 Versand
Versand von Deutschland nach USA
Versand von Deutschland nach USA
Anzahl: 2 verfügbar
Foto des Verkäufers
Black Hat GraphQL : Attacking Next Generation APIs
Verlag:
Random House LLC US Mai 2023, 2023
ISBN 10: 1718502842
ISBN 13: 9781718502840
Neu
Taschenbuch
Anbieter: AHA-BUCH GmbH, Einbeck, Deutschland
Verkäuferbewertung 5 von 5 Sternen
Taschenbuch. Zustand: Neu. Neuware - Written by hackers for hackers, this hands-on book teaches penetration testers how to identify vulnerabilities in apps that use GraphQL, a data query and manipulation language for APIs adopted by major companies like Facebook and GitHub.Black Hat GraphQL is for anyone interested in learning how to break and protect GraphQL APIs with the aid of offensive security testing. Whether you re a penetration tester, security analyst, or software engineer, you ll learn how to attack GraphQL APIs, develop hardening procedures, build automated security testing into your development pipeline, and validate controls, all with no prior exposure to GraphQL required.Following an introduction to core concepts, you ll build your lab, explore the difference between GraphQL and REST APIs, run your first query, and learn how to create custom queries.You ll also learn how to:Use data collection and target mapping to learn about targetsDefend APIs against denial-of-service attacks and exploit insecure configurations in GraphQL servers to gather information on hardened targetsImpersonate users and take admin-level actions on a remote serverUncover injection-based vulnerabilities in servers, databases, and client browsersExploit cross-site and server-side request forgery vulnerabilities, as well as cross-site WebSocket hijacking, to force a server to request sensitive information on your behalfDissect vulnerability disclosure reports and review exploit code to reveal how vulnerabilities have impacted large companiesThis comprehensive resource provides everything you need to defend GraphQL APIs and build secure applications. Think of it as your umbrella in a lightning storm. Artikel-Nr. 9781718502840
Neu kaufen
EUR 56,17
EUR 62,97 Versand
Versand von Deutschland nach USA
Versand von Deutschland nach USA
Anzahl: 2 verfügbar