Black Hat GraphQL. Attacking Next Generation APIs
Par : , ,Formats :
Disponible dans votre compte client Decitre ou Furet du Nord dès validation de votre commande. Le format ePub est :
- Compatible avec une lecture sur My Vivlio (smartphone, tablette, ordinateur)
- Compatible avec une lecture sur liseuses Vivlio
- Pour les liseuses autres que Vivlio, vous devez utiliser le logiciel Adobe Digital Edition. Non compatible avec la lecture sur les liseuses Kindle, Remarkable et Sony
, qui est-ce ?Notre partenaire de plateforme de lecture numérique où vous retrouverez l'ensemble de vos ebooks gratuitement
Pour en savoir plus sur nos ebooks, consultez notre aide en ligne ici
C'est si simple ! Lisez votre ebook avec l'app Vivlio sur votre tablette, mobile ou ordinateur :
- Nombre de pages320
- FormatePub
- ISBN978-1-7185-0285-7
- EAN9781718502857
- Date de parution23/05/2023
- Protection num.pas de protection
- Taille11 Mo
- Infos supplémentairesepub
- ÉditeurNo Starch Press
Résumé
Written by hackers for hackers, this hands-on book teaches penetration testers how to identify vulnerabilities in apps that use GraphQL, a data query and manipulation language for APIs adopted by major companies like Facebook and GitHub. Black Hat GraphQL is for anyone interested in learning how to break and protect GraphQL APIs with the aid of offensive security testing. Whether you're a penetration tester, security analyst, or software engineer, you'll learn how to attack GraphQL APIs, develop hardening procedures, build automated security testing into your development pipeline, and validate controls, all with no prior exposure to GraphQL required.
Following an introduction to core concepts, you'll build your lab, explore the difference between GraphQL and REST APIs, run your first query, and learn how to create custom queries. You'll also learn how to: Use data collection and target mapping to learn about targets Defend APIs against denial-of-service attacks and exploit insecure configurations in GraphQL servers to gather information on hardened targets Impersonate users and take admin-level actions on a remote server Uncover injection-based vulnerabilities in servers, databases, and client browsers Exploit cross-site and server-side request forgery vulnerabilities, as well as cross-site WebSocket hijacking, to force a server to request sensitive information on your behalf Dissect vulnerability disclosure reports and review exploit code to reveal how vulnerabilities have impacted large companies This comprehensive resource provides everything you need to defend GraphQL APIs and build secure applications.
Think of it as your umbrella in a lightning storm.
Following an introduction to core concepts, you'll build your lab, explore the difference between GraphQL and REST APIs, run your first query, and learn how to create custom queries. You'll also learn how to: Use data collection and target mapping to learn about targets Defend APIs against denial-of-service attacks and exploit insecure configurations in GraphQL servers to gather information on hardened targets Impersonate users and take admin-level actions on a remote server Uncover injection-based vulnerabilities in servers, databases, and client browsers Exploit cross-site and server-side request forgery vulnerabilities, as well as cross-site WebSocket hijacking, to force a server to request sensitive information on your behalf Dissect vulnerability disclosure reports and review exploit code to reveal how vulnerabilities have impacted large companies This comprehensive resource provides everything you need to defend GraphQL APIs and build secure applications.
Think of it as your umbrella in a lightning storm.
Written by hackers for hackers, this hands-on book teaches penetration testers how to identify vulnerabilities in apps that use GraphQL, a data query and manipulation language for APIs adopted by major companies like Facebook and GitHub. Black Hat GraphQL is for anyone interested in learning how to break and protect GraphQL APIs with the aid of offensive security testing. Whether you're a penetration tester, security analyst, or software engineer, you'll learn how to attack GraphQL APIs, develop hardening procedures, build automated security testing into your development pipeline, and validate controls, all with no prior exposure to GraphQL required.
Following an introduction to core concepts, you'll build your lab, explore the difference between GraphQL and REST APIs, run your first query, and learn how to create custom queries. You'll also learn how to: Use data collection and target mapping to learn about targets Defend APIs against denial-of-service attacks and exploit insecure configurations in GraphQL servers to gather information on hardened targets Impersonate users and take admin-level actions on a remote server Uncover injection-based vulnerabilities in servers, databases, and client browsers Exploit cross-site and server-side request forgery vulnerabilities, as well as cross-site WebSocket hijacking, to force a server to request sensitive information on your behalf Dissect vulnerability disclosure reports and review exploit code to reveal how vulnerabilities have impacted large companies This comprehensive resource provides everything you need to defend GraphQL APIs and build secure applications.
Think of it as your umbrella in a lightning storm.
Following an introduction to core concepts, you'll build your lab, explore the difference between GraphQL and REST APIs, run your first query, and learn how to create custom queries. You'll also learn how to: Use data collection and target mapping to learn about targets Defend APIs against denial-of-service attacks and exploit insecure configurations in GraphQL servers to gather information on hardened targets Impersonate users and take admin-level actions on a remote server Uncover injection-based vulnerabilities in servers, databases, and client browsers Exploit cross-site and server-side request forgery vulnerabilities, as well as cross-site WebSocket hijacking, to force a server to request sensitive information on your behalf Dissect vulnerability disclosure reports and review exploit code to reveal how vulnerabilities have impacted large companies This comprehensive resource provides everything you need to defend GraphQL APIs and build secure applications.
Think of it as your umbrella in a lightning storm.
