I am back with another part of the Hacking GraphQL series. We have already gone through basics in the previous post. I highly recommend you to go through the post, if not already. In this blog we will go through a demo application called Generic University created by awesome InsiderPHD to understand some basic bugs and craft a methodology to test GraphQL.
Vulnerabilities in GraphQL Implementation
Let’s cut to the chase and come straight to the point, all the bugs which can be found in REST APIs can be found in the GraphQL.

#graphql #hacking #fun and profit #methodology #examples