A01=Dolev Farhi
A01=Nick Aleks
Age Group_Uncategorized
Age Group_Uncategorized
Author_Dolev Farhi
Author_Nick Aleks
automatic-update
business
business books
Category1=Non-Fiction
Category=UM
clean code
cloud computing
code
coding
coding for beginners
computer
computer books
computer networking
computer networks
computer security
computers
COP=United States
css
cyber security
cyber security books
cybersecurity
Delivery_Delivery within 10-20 working days
design books
eq_bestseller
eq_computing
eq_isMigrated=2
eq_nobargain
eq_non-fiction
gift books
graphql
hackers
hacking
hacking apis
hacking books
html
html and css
java
java programming
Language_English
management books
network
network security
networking
PA=In stock
penetration test
penetration testing
Price_€50 to €100
privacy
PS=Active
security
softlaunch
tech
technology
virtual reality
web design
web development
Product details
- ISBN 9781718502840
- Dimensions: 177 x 234mm
- Publication Date: 23 May 2023
- Publisher: No Starch Press,US
- Publication City/Country: US
- Product Form: Paperback
- Language: English
Secure
checkout
Fast Shipping
Easy returns
Web applications are increasingly using the query language GraphQL to share data, but the security of these useful APIs is lagging behind. Authored by the developers of widely used GraphQL security-testing tools, Black Hat GraphQL will teach you how to find and exploit flaws in this technology. Early chapters provide in-depth knowledge of GraphQL and its query language, as well as its potential security pitfalls. Readers will then be guided through setting up a hacking lab for targeting GraphQL applications using specialized GraphQL security tools. They will learn how to conduct offensive security tests against production GraphQL systems by gleaning information from GraphQL implementations during reconnaissance and probing them for vulnerabilities, like injections, information disclosure, and Denial of Service.
Dolev Farhi is a security engineer and author of Black Hat Bash (No Starch Press, forthcoming in 2025). He has extensive experience leading security engineering teams in the Fintech and cybersecurity industries and is currently a distinguished security engineer at Palo Alto Networks, where he builds defenses for the largest cybersecurity company in the world. He has provided training for official Linux certification tracks and, in his spare time, enjoys researching vulnerabilities in IoT devices and building open source offensive security tools.
Nick Aleks is a leader in Toronto's cybersecurity community and a distinguished and patented security engineer, speaker, and researcher. He is currently the Senior Director of Security at Wealthsimple, leads his own security firm, ASEC.IO, and is a Senior Advisory Board member for HackStudent, George Brown, and the University of Guelph’s Master of Cybersecurity and Threat Intelligence programs. A founder of DEFCON Toronto, he specializes in offensive security and penetration testing and has over 10 years of experience hacking everything from websites, safes, locks, cars, drones, and even smart buildings.
Nick Aleks is a leader in Toronto's cybersecurity community and a distinguished and patented security engineer, speaker, and researcher. He is currently the Senior Director of Security at Wealthsimple, leads his own security firm, ASEC.IO, and is a Senior Advisory Board member for HackStudent, George Brown, and the University of Guelph’s Master of Cybersecurity and Threat Intelligence programs. A founder of DEFCON Toronto, he specializes in offensive security and penetration testing and has over 10 years of experience hacking everything from websites, safes, locks, cars, drones, and even smart buildings.
