{"id":20522729,"url":"https://github.com/dolevf/black-hat-graphql","last_synced_at":"2025-10-07T02:07:38.281Z","repository":{"id":103610250,"uuid":"429941424","full_name":"dolevf/Black-Hat-GraphQL","owner":"dolevf","description":"The Black Hat GraphQL Book Repository","archived":false,"fork":false,"pushed_at":"2024-07-14T02:46:34.000Z","size":116,"stargazers_count":234,"open_issues_count":0,"forks_count":63,"subscribers_count":13,"default_branch":"master","last_synced_at":"2025-03-31T04:05:47.440Z","etag":null,"topics":["book","graphql","hacking","nostarchpress","penetration-testing"],"latest_commit_sha":null,"homepage":"https://blackhatgraphql.com","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dolevf.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-11-19T21:41:17.000Z","updated_at":"2025-03-30T05:06:27.000Z","dependencies_parsed_at":null,"dependency_job_id":"7e65a0f0-a325-459a-9098-5a44eaf2f2e7","html_url":"https://github.com/dolevf/Black-Hat-GraphQL","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dolevf%2FBlack-Hat-GraphQL","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dolevf%2FBlack-Hat-GraphQL/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dolevf%2FBlack-Hat-GraphQL/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dolevf%2FBlack-Hat-GraphQL/manifests","owner_url":"https://repos.ecosyste.ms/
api/v1/hosts/GitHub/owners/dolevf","download_url":"https://codeload.github.com/dolevf/Black-Hat-GraphQL/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247601447,"owners_count":20964864,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["book","graphql","hacking","nostarchpress","penetration-testing"],"created_at":"2024-11-15T22:36:37.084Z","updated_at":"2025-10-07T02:07:38.274Z","avatar_url":"https://github.com/dolevf.png","language":"HTML","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Black Hat GraphQL\nBook files for **Black Hat GraphQL**.\n\n\u003ctable\u003e\n  \u003ctr\u003e\n    \u003ctd style=\"vertical-align:top;width:40%\"\u003e\n      \u003cimg src=\"Cover.png\" alt=\"Black Hat GraphQL Cover\" /\u003e\n    \u003c/td\u003e\n    \u003ctd style=\"vertical-align:top;width:60%\"\u003e\n      \u003cp\u003e\u003cstrong\u003eBlack Hat GraphQL\u003c/strong\u003e is for anyone interested in learning how to break and protect GraphQL APIs with the aid of offensive security testing. 
Whether you’re a penetration tester, security analyst, or software engineer, you’ll learn how to attack GraphQL APIs, develop hardening procedures, build automated security testing into your development pipeline, and validate controls, all with no prior exposure to GraphQL required.\u003c/p\u003e\n      \u003cp\u003e\u003ca href=\"https://nostarch.com/black-hat-graphql\" target=\"_blank\"\u003eBuy the book from No Starch Press\u003c/a\u003e\u003c/p\u003e\n    \u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\nEnjoy!\n\n***\n\n## Errata\n* Page 83 Listing 4-14: `grep` command should be corrected to: `grep -Hnio \"graphiql\\|graphql-playground\" dvga-report/source/*`\n* Page 112: The sentence \"_In DVGA, run the following query [...]_\" should read: \"_In **Altair**, run the following query [...]_\".\n* Page 177: The `COOKIES` variable value should read `{\"session\":\"session-secret\"}`\n\n## Notes\n* Due to changes in InQL, you may need to install the tool from its V4 branch, the latest version being [4.0.7](https://github.com/doyensec/inql/releases/tag/v4.0.7)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdolevf%2Fblack-hat-graphql","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdolevf%2Fblack-hat-graphql","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdolevf%2Fblack-hat-graphql/lists"}