Written by hackers for hackers, this hands-on book teaches penetration testers how to identify vulnerabilities in apps that use GraphQL, a data query and manipulation language for APIs adopted by major companies like Facebook and GitHub. Web applications are increasingly using the query language GraphQL to share data, but the security of these useful APIs is lagging behind. Authored by the developers of widely used GraphQL security-testing tools, Black Hat GraphQL will teach you how to find and exploit flaws in this technology. Early chapters provide in-depth knowledge of GraphQL and its query language, as well as its potential security pitfalls. Readers will then be guided