Black Hat GraphQL (No Starch Press)
Monday, 19 June 2023

This book, subtitled "Attacking Next Generation APIs", is aimed at anyone interested in learning how to break and protect GraphQL APIs with the aid of offensive security testing. Dolev Farhi and Nick Aleks say that penetration testers, security analysts, and software engineers will all learn how to attack GraphQL APIs, develop hardening procedures, build automated security testing into development pipeline, and validate controls, all with no prior exposure to GraphQL required.

<ASIN:1718502842>

Following an introduction to core concepts, you’ll build your lab, explore the difference between GraphQL and REST APIs, run your first query, and learn how to create custom queries.

Author: Dolev Farhi and Nick Aleks
Publisher: No Starch Press
Date: May 2023
Pages: 320
ISBN: 978-1718502840
Print: 1718502842
Kindle: B0B7Q8BYG1
Audience: People interested in security
Level: Intermediate
Category: Security

Topics covered:

  • Use data collection and target mapping to learn about targets  
  • Defend APIs against denial-of-service attacks and exploit insecure configurations in GraphQL servers to gather information on hardened targets
  • Impersonate users and take admin-level actions on a remote server
  • Uncover injection-based vulnerabilities in servers, databases, and client browsers
  • Exploit cross-site and server-side request forgery vulnerabilities, as well as cross-site WebSocket hijacking, to force a server to request sensitive information on your behalf
  • Dissect vulnerability disclosure reports and review exploit code to reveal how vulnerabilities have impacted large companies

 

For more Book Watch just click.

Book Watch is I Programmer's listing of new books and is compiled using publishers' publicity material. It is not to be read as a review where we provide an independent assessment. Some, but by no means all, of the books in Book Watch are eventually reviewed.

To have new titles included in Book Watch contact  BookWatch@i-programmer.info

Follow @bookwatchiprog on Twitter or subscribe to I Programmer's Books RSS feed for each day's new addition to Book Watch and for new reviews.

 

 

Banner

SQL Server 2022 Query Performance Tuning (Apress)

Author: Grant Fritchey
Publisher: Apress
Pages: 745
ISBN:978-1484288900
Print:1484288904
Kindle:B0BLYD98SQ
Audience: DBAs & SQL Devs
Rating: 4.7
Reviewer: Ian Stirk 

A popular performance tuning book gets updated for SQL Server 2022, how does it fare?


+ Full Review
C++ Programming, 6th Ed (In Easy Steps)

Author: Mike McGrath
Publisher: In Easy Steps
Date: April 2022
Pages: 192
ISBN: 978-1840789713
Print: 1840789719
Kindle: B09V2T9SJD
Audience: Developers wanting to learn C++
Reviewer: Mike James
This is the 6th edition of a slim book on C++. Can you really learn C++ in easy steps?


+ Full Review
More Reviews