Black Hat GraphQL: API Attacks for Hackers and Pentesters - Nick /... - Librairie Eyrolles
Menu

mon compte Connexion

mon panier 0 article

Vous avez entre 15 et 18 ans ? Profitez du Pass Culture à la librairie Eyrolles !
Tous nos rayons
Aucun résultat pour ""

Rayons

Graphisme & Photo Informatique Construction Entreprise & Droit Sciences Littérature Arts & Loisirs Vie pratique Voyage et Tourisme BD et Jeunesse

Déjà client ? Identifiez-vous

Mot de passe oublié ?

Nouveau client ?

CRÉER VOTRE COMPTE
Black Hat GraphQL: API Attacks for Hackers and Pentesters
Ajouter à une liste

Librairie Eyrolles - Paris 5e
Disponible en magasin

Black Hat GraphQL: API Attacks for Hackers and Pentesters

Black Hat GraphQL: API Attacks for Hackers and Pentesters

Nick / Farhi Aleks

(0 avis) Donner votre avis
320 pages, parution le 22/05/2023
Ajouter à une liste

Expédié sous 24h

Livraison à partir de 0,01€ dès 35€ d'achats
Pour une livraison en France métropolitaine

Retrait à la librairie - Paris 5e

Disponible dès demain

Résumé

Written by hackers for hackers, this hands-on book teaches penetration testers how to identify vulnerabilities in apps that use GraphQL, a data query and manipulation language for APIs adopted by major companies like Facebook and GitHub.

Web applications are increasingly using the query language GraphQL to share data, but the security of these useful APIs is lagging behind. Authored by the developers of widely used GraphQL security-testing tools, Black Hat GraphQL will teach you how to find and exploit flaws in this technology.

Early chapters provide in-depth knowledge of GraphQL and its query language, as well as its potential security pitfalls. Readers will then be guided through setting up a hacking lab for targeting GraphQL applications using specialized GraphQL security tools. They will learn how to conduct offensive security tests against production GraphQL systems by gleaning information from GraphQL implementations during reconnaissance and probing them for vulnerabilities, like injections, information disclosure, and Denial of Service. Dolev Farhi is a security engineer and author with extensive experience leading security engineering teams in complex environments and scale in the Fintech and cyber security industries. Currently, he is the Principal Security Engineer at Wealthsimple, building defenses for one of the fastest Fintech companies in North America. Dolev has previously worked for several security firms and provided training for official Linux certification tracks. He is one of the founders of DEFCON Toronto (DC416), a popular Toronto-based hacker group. In his spare time, he enjoys researching vulnerabilities in IoT devices, participating and building CTF challenges and contributing exploits to Exploit-DB.

Nick Aleks is a leader in Toronto's cybersecurity community and a distinguished and patented security engineer, speaker, and researcher. He is currently the Senior Director of Security at Wealthsimple, leads his own security firm, ASEC.IO, and is a Senior Advisory Board member for HackStudent, George Brown, and the University of Guelph's Master of Cybersecurity and Threat Intelligence programs. A founder of DEFCON Toronto, he specializes in offensive security and penetration testing and has over 10 years of experience hacking everything from websites, safes, locks, cars, drones, and even smart buildings.

Caractéristiques techniques

  PAPIER
Éditeur(s) No Starch Press
Auteur(s) Nick / Farhi Aleks
Parution 22/05/2023
Nb. de pages 320
EAN13 9781718502840

Avantages Eyrolles.com

Livraison à partir de 0,01 en France métropolitaine
Paiement en ligne SÉCURISÉ
Livraison dans le monde
Retour sous 15 jours
+ d'un million et demi de livres disponibles

Consultez aussi

satisfait ou remboursé
Satisfait ou remboursé
Paiement sécurisé
modes de paiement
Paiement à l'expédition
partout dans le monde
Livraison partout dans le monde
Service clients sav@commande.eyrolles.com
librairie française
Librairie française depuis 1925
Recevez nos newsletters
Vous serez régulièrement informé(e) de toutes nos actualités.
Inscription