Black Hat GraphQL

API Attacks for Hackers and Pentesters
by Dolev Farhi and Nick Aleks
April 2023, 320 pp.


Web applications are increasingly using the query language GraphQL to share data, but the security of these useful APIs is lagging behind. Written for hackers by hackers, this hands-on book teaches penetration testers how to identify vulnerabilities in apps that use GraphQL, while introducing a number of exploits that are not yet widely known, and showing readers how to use GraphQL as a hacking tool.

Early chapters provide in-depth knowledge of GraphQL and its query language, as well as the mechanisms of GraphQL APIs. Readers will then be guided through setting up a hacking lab for targeting GraphQL applications and exploiting these APIs with specialized GraphQL security tools. The book also shows readers how to conduct offensive security tests against production GraphQL systems, how to glean information from GraphQL implementations during reconnaissance, and how to probe APIs for vulnerabilities such as injection, information disclosure, and denial of service.

Author Bio

Dolev Farhi is a security engineer and author with extensive experience leading security engineering teams in complex, large-scale environments in the Fintech and cyber security industries. Currently, he is the Principal Security Engineer at Wealthsimple, building defenses for one of the fastest-growing Fintech companies in North America. Dolev has previously worked for several security firms and provided training for official Linux certification tracks. He is one of the founders of DEFCON Toronto (DC416), a popular Toronto-based hacker group. In his spare time, he enjoys researching vulnerabilities in IoT devices, participating in and building CTF challenges, and contributing exploits to Exploit-DB.

Nick Aleks is a leader in Toronto's cybersecurity community and a distinguished and patented security engineer, speaker, and researcher. He is currently the Senior Director of Security at Wealthsimple, leads his own security firm, ASEC.IO, and is a Senior Advisory Board member for HackStudent, George Brown, and the University of Guelph's Master of Cybersecurity and Threat Intelligence programs. A founder of DEFCON Toronto, he specializes in offensive security and penetration testing and has over 10 years of experience hacking everything from websites, safes, locks, cars, and drones to smart buildings.

Table of contents

Chapter 1: An Introduction to GraphQL
Chapter 2: Setting up a GraphQL Security Lab
Chapter 3: The GraphQL Attack Surface
Chapter 4: Reconnaissance
Chapter 5: Denial of Service
Chapter 6: Information Disclosure
Chapter 7: Authentication and Authorization Bypasses
Chapter 8: Injection
Chapter 9: Request Forgery and Hijacking
Chapter 10: Disclosed Vulnerabilities and Exploits
Appendix A: GraphQL API Testing Checklist
Appendix B: GraphQL Security Resources