James Kettle
We've just published a new Web Security Academy topic on GraphQL! Learn how to abuse introspection, discover hidden data, bypass rate-limits, and trigger CSRF with this popular API technology.
https://portswigger.net/web-security/graphql
Testing GraphQL APIs | Web Security Academy

In this section we'll look at how to test GraphQL APIs. GraphQL vulnerabilities generally arise due to implementation and design flaws. For example, the ...

Jun 29, 2023 at 2:11pmWeb