Black Hat GraphQL (Attacking Next Generation APIs)

Written by hackers for hackers, this hands-on book teaches penetration testers how to identify vulnerabilities in apps that use GraphQL, a data query and manipulation language for APIs adopted by major companies like Facebook and GitHub.

Black Hat GraphQL is for anyone interested in learning how to break and protect GraphQL APIs with the aid of offensive security testing. Whether you’re a penetration tester, security analyst, or software engineer, you’ll learn how to attack GraphQL APIs, develop hardening procedures, build automated security testing into your development pipeline, and validate controls, all with no prior exposure to GraphQL required.

Following an introduction to core concepts, you’ll build your lab, explore the difference between GraphQL and REST APIs, run your first query, and learn how to create custom queries.

You’ll also learn how to:

• Use data collection and target mapping to learn about targets  
• Defend APIs against denial-of-service attacks and exploit insecure configurations in GraphQL servers to gather information on hardened targets
• Impersonate users and take admin-level actions on a remote server
• Uncover injection-based vulnerabilities in servers, databases, and client browsers
• Exploit cross-site and server-side request forgery vulnerabilities, as well as cross-site WebSocket hijacking, to force a server to request sensitive information on your behalf
• Dissect vulnerability disclosure reports and review exploit code to reveal how vulnerabilities have impacted large companies

This comprehensive resource provides everything you need to defend GraphQL APIs and build secure applications. Think of it as your umbrella in a lightning storm.

This book title, Black Hat GraphQL (Attacking Next Generation APIs), ISBN: 9781718502840, by Nick Aleks, Dolev Farhi, Opheliar Chan, published by No Starch Press (March 21, 2023) is available in paperback. Our minimum order quantity is 25 copies. All standard bulk book orders ship FREE in the continental USA and delivered in 4-10 business days.

Unlike Amazon and other retailers who may also offer Black Hat GraphQL (Attacking Next Generation APIs) books on their website, we specialize in large quantities and provide personal service, from trusted, experienced, friendly people in Portland, Oregon. We offer a Price Match Guarantee, and QuickQuote form, to make purchasing quick and easy.

Prefer to work with a human being when you order Black Hat GraphQL (Attacking Next Generation APIs) books in bulk? Our Book Specialists are standing by Monday-Friday 8-5 PST, ready to help!