We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
In presentation Damn GraphQL - Defending and Attacking APIs - Dolev Farhi, a security researcher brings down a WordPress site by attacking the WPGraphQL endpoint, killing the DB in less than 20 seconds using a simple Python script. Frightening!
The same security researcher created Damn Vulnerable GraphQL Application to highlight several attach vectors to a GraphQL server.
Task: Attack a site running the GraphQL API for WordPress, and make an assessment if it withstands the attacks.
The text was updated successfully, but these errors were encountered:
I'm the security engineer behind DVGA/Damn GraphQL talk, I would be willing to take on this task if you need a pair of hands to test it out.
Sorry, something went wrong.
Hi @dolevf that would be awesome, thanks! (Btw, I loved your presentation!) I'll accept your help.
I still need to protect the server by query complexity analysis, though, and I can only implement it in a few months. I'll keep you updated
leoloso
No branches or pull requests
In presentation Damn GraphQL - Defending and Attacking APIs - Dolev Farhi, a security researcher brings down a WordPress site by attacking the WPGraphQL endpoint, killing the DB in less than 20 seconds using a simple Python script. Frightening!
The same security researcher created Damn Vulnerable GraphQL Application to highlight several attach vectors to a GraphQL server.
Task: Attack a site running the GraphQL API for WordPress, and make an assessment if it withstands the attacks.
The text was updated successfully, but these errors were encountered: