appsec.fyi

A somewhat curated list of links to various topics in application security.

GraphQL

doyensec/graph-ql
GraphQL - Security Overview and Testing Tips
Facebook GraphQL CSRF
[TOKOPEDIA] SITE-WIDE CSRF THROUGH GRAPHQL REQUEST
Graphql Abuse to Steal Anyone’s Address
GraphQL Introspection leads to Sensitive Data Disclosure.
GraphQL introspection leads to sensitive data disclosure.
br3akp0int/GQLParser
andev-software/graphql-ide
swisskyrepo/GraphQLmap
GraphQL IDOR leads to information disclosure

Curated by Carl Sampson (@chs) on Nov 25 2020 18:00:11 EST