Finding Your Next Bug: GraphQL

InsiderPhD, 80K subscribers
24K views

GraphQL is becoming the next big API technology for developers, but with new technology comes new risk, and for us that means bounties! In this video, I cover everything GraphQL, from how it works to what kinds of bugs are common. Next time we're going to expand on this and I'll show you how to do this live!
Did you know this episode was sponsored by Intigriti? Sign up with my link go.intigriti.com/katie. I'm so pleased with everyone's positive response to the Intigriti sponsorship, and I'm so pleased you folks are finding bugs and even finding your first bugs! Thank you for being awesome!
APIs continue to be one of my favourite things to hack, and in fact, a week or so after I learned GraphQL I had my first bug in GraphQL: nothing too interesting, just an IDOR. I was shocked by how easy it was! The syntax really does put people off, but there are so many bugs waiting to be found!
- Links -
- GraphQL Learn: graphql.org/learn/queries/
- Introspection / general payloads: github.com/swisskyrepo/Payloa...
- GraphQL Voyager: github.com/APIs-guru/graphql-...
- GraphQL IDE: github.com/andev-software/gra...
- Altair: altair.sirmuel.design
- InQL: github.com/doyensec/inql
- GraphQL Map: github.com/swisskyrepo/GraphQ...
- graphql-path-enum: gitlab.com/dee-see/graphql-pa...
- My video on Finding Bugs Using APIs: • Finding Your First Bug...
- My video on the Top 10 API Bugs: • Top 10 API Bugs (and W...
- Farah's GraphQL Video: • HACKING GraphQL FOR BE...
- A staff member with no permissions can edit Store Customer Email - $1,500: hackerone.com/reports/980511
- H1514 [beerify.shopifycloud.com] GraphQL discloses internal beer consumption - $802.20: hackerone.com/reports/419883
- latest_activity_id and latest_activity_at may disclose information about internal activities to unauthorized users - $1,000: hackerone.com/reports/724944
- Hacktivity of a private program visible to banned user if he gets invited to a program by hackbot - $500: hackerone.com/reports/357485
- Disclosure of `payment_transactions` for programs via GraphQL query - $2,500: hackerone.com/reports/707433
- Insufficient Type Check leading to Developer ability to delete Project, Repository, Group, ... - $5,000: hackerone.com/reports/960244 / hackerone.com/reports/858671
- Hacker101 GraphQL levels: www.hackerone.com/blog/graphq...
- NoSQL Injection: www.petecorey.com/blog/2017/06...
- HackTricks - GraphQL: book.hacktricks.xyz/pentestin...
- GraphQL Security Overview: blog.doyensec.com/2018/05/17/...
- Social Media -
Discord: insiderphd.dev/discord
Patreon: / insiderphd
Twitter: / insiderphd
- Patreon Shoutouts -
Yagami Panda
Niklas
Penny
Wardell Castles
strongbeard
Gynvael
Ram
James Clee
- Timestamps -
0:00 What is GraphQL and Why Hack it?
9:28 Writing Queries/Mutations and How They Work
22:56 Introspection and Recon
32:28 GraphQL Tools
36:18 GraphQL Bugs In The Wild
45:43 How to Hack GraphQL APIs

Published: 8 Aug 2024

Comments: 45
@kabirsuda 3 years ago
Perfect explanation!👏🏻This video cleared my brain about graphQL... Thanks Katie 🔥
@JL-ud6xx 2 years ago
Thank you for clearing my concept. Will listen to your practical video of it. Will help me in my work!!!!
@fredomana7183 3 years ago
You’re the best. Keep doing what you’re doing. Much love from San Diego
@lifeofsq5653 10 months ago
Thanks for sharing your knowledge about GraphQL. It's really helpful for beginners in GraphQL vulns scanning.
@1990shahid 3 years ago
Amazing lecture!! Thank you for creating this. I'm new to this bug hunting, so I'm doing the Hacker101 challenges and stuck on this GraphQL nonsense :)
@luckythandel 3 years ago
Perfect explanation, keep making such videos plz. We all support you, Katie.
@mehulverma9496 1 year ago
Hey~~ I got Information disclosure and got 6 redbull trays thank you!!
@homeofcreation 2 years ago
As a SOAP developer, having WS-Security, this gives me the creeps. As a bounty hunter this brings me joy!
@dibyanshusah117 3 years ago
Love.. Your.. Content.. Thank you.. ❤❤👍👍☺
@isiraadithya 3 years ago
She is back!!!!
@Nop1337 3 years ago
thank you so much!
@mohammedsabbirahmed3015 3 years ago
Hey Katie. Awesome methodology and video as always, but I think it would be wonderful if you could add a takeaways slide at the end of the presentation. I think it would help greatly in effective note taking. Because whenever I watch your video I try to take notes and understand some things from it, but it is not always possible to grasp every tip and trick you provide in just one watch. So then I do some more research on the topic and relate that to my note taking, and still there remain certain things that I'm not able to properly grasp, so I have to watch the whole video all over again to find that point where you were describing the desired topic and try to understand it more. And so until I'm able to fully understand all the note taking I've done, it takes me watching your videos like 4/5 times. So I think it would be really great if you could do just one more slide on the takeaways; it would really mitigate this problem I have and also help me to be efficient in taking notes. Thank you 😊
@InsiderPhD 3 years ago
Thank you for the feedback I will take it onboard and do a summary at the end :)
@mohammedsabbirahmed3015 3 years ago
@@InsiderPhD you are most welcome katie 🥰❤️❤️
@kira_io 3 years ago
Why am I jealous of a YouTube video wtf. I hope I meet someone who pays as much attention to me as you do to GraphQL lectures.
@mohammedsabbirahmed3015 3 years ago
@@kira_io #katiehax 🙃
@kira_io 3 years ago
@@mohammedsabbirahmed3015 😳
@MultiJojomaster 3 years ago
Hey, I'd like to ask here since I'm a newbie to bug bounties. What does it mean when a company states that SCANNERS ARE NOT ALLOWED? Does it mean I can't use stuff like nmap, sqlmap, xsstriker etc.? So I basically have to find all the bugs manually? Thanks in advance
@InsiderPhD 3 years ago
It means you can’t run a bunch of automated scanners, nmap would probably be disallowed but sqlmap and XSStrike (assuming you were running it on one endpoint) would be. They just don’t want a bunch of requests that clog up a service for legitimate users. Or they want real security issues rather than best practice which scanner often find.
@faique2995 3 years ago
Best teacher to learn web application hacking
@InsiderPhD 3 years ago
😁😁😁😁 I appreciate it!
@hirthicshyam9290 3 years ago
Do live bug Hunting
@NotToBeTooTakenSeriously 4 months ago
How do I get the introspection?
@InsiderPhD 4 months ago
Find a GraphQL endpoint and use the introspection query.
@abhhibirdawade9657 3 years ago
Hey Katie
@shrirangkahale 3 years ago
Rewatching this video now. Apparently I forgot nearly everything :P
@UsamaAli-kr2cw 1 year ago
Your content is amazing but please try to make small videos in a playlist manner.
@ca7986 3 years ago
❤️
@rubena1720 3 years ago
Your videos are nice. Can you please teach everyone about subdomain takeover? Thanks
@sexayboiee 3 years ago
Dude, it's like ads every 3 minutes. Great content though.
@InsiderPhD 3 years ago
I'm so sorry, it's RU-vid adding them in automatically. I've turned them off now, hopefully for all future videos!
@jaeger809 3 years ago
Hey, I tried to find bugs many times. I can't even find a single bug. 😭
@jaeger809 3 years ago
@ahmad.mansour Mansour NO.
@malikimranawan3762 3 years ago
Hello mam
@mymothermom4858 3 years ago
Hi Kitty, I really need your help. Where can I contact you? I just need 5 min please
@InsiderPhD 3 years ago
Discord! I'm pretty active, and if I'm not around someone else will try to help you.
@mymothermom4858 3 years ago
@@InsiderPhD give me the link please
@CanaaniteRanger 1 year ago
Is this information still valid nowadays?!! (It is two years since this video was posted) ... and do those vulnerabilities still exist in the wild?! ... thank you
@InsiderPhD 1 year ago
Yup, actually even more common now as more companies have adopted this technology!
@CanaaniteRanger 1 year ago
@@InsiderPhD Thank you for answering ... and I would like to say "You are an awesome person" :-)
@FrenchPirate83 3 years ago
Nice video, but loud ads every 2 minutes... less happy about that.
@InsiderPhD 3 years ago
Ugh, sorry, I must have forgotten to turn them off. They are so annoying; YouTube puts them on by default and they play ALL the time, despite me turning off midrolls.
@rajkumar-vl7il 3 years ago
Hey Katie, I lost my laptop (stolen). I may miss your lessons, but I was hoping I'd get one soon ....
@InsiderPhD 3 years ago
Aww, I'm sorry to hear that. I know it sucks to lose your computer. I saved up for months to get my laptop and I can say I'd be absolutely devastated if it was stolen. Don't worry too much about missing my content, it'll all be here!
@rajkumar-vl7il 3 years ago
Yes dear, my valuable data is lost 😔 Hope 2021 gives something .....