search

GraphQL

GraphQL is a query language for APIs and a runtime for fulfilling those queries with existing data. GraphQL provides a complete and understandable description of the data in API, gives clients the power to ask for exactly what they need and nothing more, makes it easier to evolve APIs over time, and enables powerful developer tools.

LogoGraphQL | A query language for your APIgraphqlchevron-right

hashtag
Learning Reference

hashtag
Primer

  1. NetNinja: https://www.youtube.com/playlist?list=PL4cUxeGkcC9gUxtblNUahcsg0WLxmrK_yarrow-up-right (Watch Video 1 & 2)

  2. Portswigger Academy: https://portswigger.net/web-security/graphqlarrow-up-right (First Start with the Basics)

  3. Black Hat GraphQL by Nick Aleks, Dolev Farhi (Chapter 1)

hashtag
Pentest Learning and Practice

  1. Portswigger Academy GraphQL Rests

  2. Black Hat GraphQL - Rest Chapters

  3. Damn Vulnerable GraphQL Application: https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application?tab=readme-ov-filearrow-up-right

hashtag
Application Understanding

  1. NodeJS Course (LWS): https://www.youtube.com/watch?v=WC-g0JtEIwM&list=PLHiZ4m8vCp9PHnOIT7gd30PCBoYCpGoQM&index=1arrow-up-right

  2. NetNinja Rest of the Videos regarding GraphQL

PreviousAPI PentestingNextPrimer

Last updated