GraphQL Introspection - HackTheBox 'Business CTF' - NoteQL

preview_player
Показать описание

  1. John Hammond
Рекомендации по теме
GraphQL Introspection - 0:14:34

GraphQL Introspection - HackTheBox 'Business CTF' - NoteQL

Validation, Execution, and 0:06:16

Validation, Execution, and Introspection | Walk the Docs: GraphQL

#NahamCon2024: GraphQL is 0:26:17

#NahamCon2024: GraphQL is the New PHP | @0xlupin

Hacking GraphQL | 0:06:30

Hacking GraphQL | FlagCoin Stage 1 | Glacier CTF 2022

Ultimate GraphQL Recon 0:05:09

Ultimate GraphQL Recon - A Tactical Approach

HackTheBox Business CTF 0:25:56

HackTheBox Business CTF 2021 - Forensics: badRansomware Walkthrough

Hack The Box 0:16:13

Hack The Box Business CTF 2021 - Sketchy Page challenge solution

HackTheBox 'Business CTF' 0:26:56

HackTheBox 'Business CTF' - discordvm - Node.js Sandbox Escape

Understanding GraphQL Security: 0:23:59

Understanding GraphQL Security: Protecting Your Server from Abuse - Erik Guzman

Attacking And Defending 0:49:19

Attacking And Defending GraphQL: The Ultimate Guide by Leo Juszkiewicz

BAD RANSOMWARE - 0:22:01

BAD RANSOMWARE - HackTheBox Business CTF

JSON Web Keys 0:29:09

JSON Web Keys (JWK & JWT) - 'Emergency' - HackTheBox Business CTF

GraphQL API Vulnerabilities 0:15:50

GraphQL API Vulnerabilities Lab05

GraphQL - Chain 0:09:05

GraphQL - Chain Introspection with SQLi

Accidental exposure of 0:02:09

Accidental exposure of private GraphQL fields | Hacking GraphQL | #graphql #security

HackTheBox 'Business CTF' 0:16:02

HackTheBox 'Business CTF' - Time - Command Injection

AES-CFB Cryptography Mistakes 0:22:40

AES-CFB Cryptography Mistakes - HackTheBox Business CTF 'Domain Controller'

GraphQL API Vulnerabilities: 0:05:30

GraphQL API Vulnerabilities: Accessing private GraphQL posts

Reverse Engineering Loops 0:11:18

Reverse Engineering Loops - 'Syncopation' HackTheBox Business CTF

Understanding how to 0:28:57

Understanding how to hack GraphQL | Nick Aleks | GraphQL Wroclaw Meetup #13

Security Testing for 0:06:37

Security Testing for GraphQL Backed Applications - Ryan Severns

Attacking GraphQl in 0:07:26

Attacking GraphQl in DVGA using (Altair GraphQL Client + Burp Suite)

IDOR Via GraphQL 0:01:48

IDOR Via GraphQL Endpoints [patika dev] | Bug Bounty | 808080

Web Security Academy 0:17:29

Web Security Academy | GraphQL | 5 - Performing CSRF Exploits Over GraphQL

Комментарии
Автор

GraphQL is definitely the new hotness compared to good ol' Restful APIs, so more content related to pwning GraphQL endpoints would be pretty interesting.

thegrossmeyer
Автор

these 2 hours of waiting will feel like an eternity!

dadik
Автор

You're not wasting my time mate, I came here for that. But what surprised me is how you're actually thinking out loud which is fascinating for me and I really appreciate it, being able to peek into a fellow researcher's mind. Great video, keep going!

zhivkogospodinov
Автор

Loving these videos! Super cool how you explain each and every thing you do, even as a seasoned programmer it’s always cool to see how another programmer thinks! Thank you!

insanitydefined
Автор

John you are the MAN!! I get so excited for your videos, they're what I look forward to each week! Great personality, great sense of humor and great way of explaining what your doing! Keep up the excellent work mate!! Your channel is better than TV!! 👍🏽😆

mamoswx
Автор

someone on Loi Liang's video commented about this channel, and here i am subscribing

archhuman
Автор

You make soo much fun,

Also, A amazing teacher, I learnt lots of things from your videos, And really thankful for making such videos for us🙏

mayankarya
Автор

I love your channel, it's eye candy for pentesters.

robertcrier
Автор

I have now registered on HTB because of your videos :)

SinusQuell_
Автор

This technology is getting more and more used, therefore YES, I think it is a good thing to have few videos on GraphQL topic ;) Super nice your videos, John. Cheers!

GaryFrancis-qr
Автор

Whoop another video can’t wait ! 🤘🏻 love this guy!

teddybear
Автор

Others: I watch John Hammond for learning new cybersec skills.
Me: I watch him for his outro music 😂

argsahoo
Автор

You could write at the end of the URL /graphql that would open the Query editor. This would make it easier to intercept the data.

jrmartinss
Автор

I had fun learning graphql with you, thanks john.

_xplit_
Автор

Thanks again John, always look forward to your next video =)

makerslab
Автор

When you zoom that much it's also unreadable, just keep something in the middle :) Thanks for the video!

kojche
Автор

To avoid getting the unwanted traffic from the briwser, just patiently compile a list of offending domains and exclude it within the browser's proxy settings.

bufordmaddogtannen
Автор

Hi @john! Thanks for all this video and explanation! I was stuck for the "Syncopation" challenge in reversing section. Are you going to make a video on it? thanks!

tracid
Автор

What key did he used in sublime text to make the payload more simply use in burpsuite.

comdeyoverflow
Автор

Replace all new lines by "\n" is not working on Sublime text and Vs code, how is he doing it in this video?

georgehammond
visit shbcf.ru