index
BUY ME A BOOK
🪄Dark Magic
🕷️Aragoogs Nest
🧪Potions
- Web Browsers
- Computer Networking
🎆Spells
🖼️Flaws w/ Magical Frameworks
- Windows
- Linux
🌼Marauder's Boost
☠️Death Eaters
- Post Exploitation
  - Windows
  - Linux
🪄OLLIVANDERS
🚂Platform 9(3/4)
⛲Port Pensieve
- Enumeration
  - SMB & NetBIOS
  - SNMP
- Wordlists
🔆DUELS
- Pivoting
- SMB Relay Attack
🗺️Marauder's Map
🎧SIDE CHANNEL
- Side Channel Analysis
- Timing Side-Channel Attacks
  - Vulnerable Login
🥃Sky
🔷Obsidian
💢Threat Modeling
- Why Threat Model?
📡THREAT INTEL
- Threat Intelligence
- Tool Dump
📱Anything-Mobile-IoT
🎉Mischeif

Powered by GitBook

On this page

Learning Reference
Primer
Pentest Learning and Practice
Application Understanding

🗺️Marauder's Map

API Pentesting

GraphQL

PreviousAPI Pentesting NextPrimer

Last updated 10 months ago

GraphQL is a query language for APIs and a runtime for fulfilling those queries with existing data. GraphQL provides a complete and understandable description of the data in API, gives clients the power to ask for exactly what they need and nothing more, makes it easier to evolve APIs over time, and enables powerful developer tools.

Learning Reference

Primer

NetNinja: https://www.youtube.com/playlist?list=PL4cUxeGkcC9gUxtblNUahcsg0WLxmrK_y (Watch Video 1 & 2)
Portswigger Academy: https://portswigger.net/web-security/graphql (First Start with the Basics)
Black Hat GraphQL by Nick Aleks, Dolev Farhi (Chapter 1)

Pentest Learning and Practice

Portswigger Academy GraphQL Rests
Black Hat GraphQL - Rest Chapters
Damn Vulnerable GraphQL Application: https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application?tab=readme-ov-file

Application Understanding

NodeJS Course (LWS): https://www.youtube.com/watch?v=WC-g0JtEIwM&list=PLHiZ4m8vCp9PHnOIT7gd30PCBoYCpGoQM&index=1
NetNinja Rest of the Videos regarding GraphQL

GraphQL | A query language for your APIgraphql