DVGA - Batch Query Attack | GraphQL Exploitation - Part - 3 | DVGA

Поделиться
HTML-код
  • Опубликовано: 22 окт 2024
  • In this part, we start with hacking on DVGA - Damn Vulnerable GraphQL Application. Starting with batch query attacks. We will see introspection query and Denial of Service ( DoS ) on GraphQL server.
    ▬▬▬▬▬▬ 🔗 Links From The Video ▬▬▬▬▬▬
    1. Damn Vulnerable GraphQL Application ( DVGA ) - github.com/dol...
    2. GraphQL Visualizer - nathanrandal.co...
    3. GraphQL Voyager - apis.guru/grap...
    ▬▬▬▬▬▬ 🔗 Other Links ▬▬▬▬▬▬
    💸 $100 Digital Ocean referral link :💸
    m.do.co/c/5e8e...
    Google FeedBack Form : forms.gle/fpUE...
    Discord : / discord
    Subreddit : / hackingsimplified
    Telegram : t.me/hackingsi...
    Hope it was worth your time.
    Stay tuned.
    Thank you everyone :)
    ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
    Disclaimer :
    These materials are for educational and research purposes only.
    Do not attempt to violate the law with anything contained here. If this is your intention, then LEAVE NOW! The creator of this video, nor anyone else affiliated in any way, is going to accept responsibility for your actions.
    ------------------------------------------------------------------------------------------------------------------------
    #graphql #hacking #HackingSimplified #StartHacking #beTheHACR #websecurity #howtohack #hack #howtobeahacker #hackingCourse #bugBounty #bug #bounty #hacker #freeHacking #freecourse
    hacking ,HackingSimplified, Hacking Simplified, Start Hacking ,Be The HACR, web security, how to be a hacker, free hacking, free hacking course, web security,hacking Course,bug Bounty,hacker,bug bounty,cyber security,bug bounty hunting

Комментарии • 13

  • @asprao3
    @asprao3 2 года назад

    Fantastic Walkthrough Aseem.
    Really Insightful. 🙌🏻🙌🏻🙌🏻

  • @ajayghale2623
    @ajayghale2623 10 месяцев назад

    I dont know why i could not find the endpoint you mentioned at 4:18 could you please help ?

  • @jairam470
    @jairam470 2 года назад

    Hi Aseem, Nice video series. One question - what action on DVGA will send the GET request SystemUpdate for the graphql endpoint?

    • @HackingSimplifiedAS
      @HackingSimplifiedAS  2 года назад

      IIRC there's an update button. That does this update thing. If not , then it's a hidden update feature 😀

  • @Itayst7
    @Itayst7 2 года назад

    Great vid!
    Are you planning on uploading more parts?

  • @bhavik_kanejiya
    @bhavik_kanejiya 2 года назад

    Great Video Bro🤩

  • @PentesterPlaybook
    @PentesterPlaybook 2 года назад

    finally

  • @deepeshbadgujar2961
    @deepeshbadgujar2961 2 года назад

    Nice explanation..
    How many parts will be there ?

    • @HackingSimplifiedAS
      @HackingSimplifiedAS  2 года назад +2

      Thanks 😃🙌
      There will be more parts as the number of scenarios, might club a few of those 😀

  • @dennismunyaka6537
    @dennismunyaka6537 2 года назад

    do you often do bounties?

Следующие
Автовоспроизведение
Damn GraphQL - Defending and Attacking APIs - Dolev Farhi29:16Damn GraphQL - Defending and Attacking APIs - Dolev Farhi
Damn GraphQL - Defending and Attacking APIs - Dolev FarhiBSides Vancouver
Просмотров 1,6 тыс.
17 Ходов ПЕШКАМИ Подряд!В Психбольнице ему ЗАПРЕТИЛИ Шахматы. Бессмертная Партия Пешек12:4217 Ходов ПЕШКАМИ Подряд!В Психбольнице ему ЗАПРЕТИЛИ Шахматы. Бессмертная Партия Пешек
17 Ходов ПЕШКАМИ Подряд!В Психбольнице ему ЗАПРЕТИЛИ Шахматы. Бессмертная Партия ПешекEclipse - Шахматы
Просмотров 609 тыс.
Hunting for bugs in GraphQL APIs (Demo)50:41Hunting for bugs in GraphQL APIs (Demo)
Hunting for bugs in GraphQL APIs (Demo)InsiderPhD
Просмотров 16 тыс.
I hate skeeball, but I am going to beat EVERY ARCADE GAME26:48I hate skeeball, but I am going to beat EVERY ARCADE GAME
I hate skeeball, but I am going to beat EVERY ARCADE GAMEDougDoug
Просмотров 504 тыс.
PRESIDENTE (Video Oficial) - Gabito Ballesteros, Natanael Cano, Luis R Conriquez, Netón Vega03:04PRESIDENTE (Video Oficial) - Gabito Ballesteros, Natanael Cano, Luis R Conriquez, Netón Vega
PRESIDENTE (Video Oficial) - Gabito Ballesteros, Natanael Cano, Luis R Conriquez, Netón VegaGabito Ballesteros
Просмотров 1,6 млн
I’m remaking my 24-hour horror game12:20I’m remaking my 24-hour horror game
I’m remaking my 24-hour horror gameshawcat
Просмотров 354 тыс.
I Built a SECRET Pool in My Room!26:27I Built a SECRET Pool in My Room!
I Built a SECRET Pool in My Room!Ben Azelart
Просмотров 7 млн
Deep Recursion Attack + Introspection | Damn Vulnerable GraphQL App | GraphQL Exploitation - Part 410:37Deep Recursion Attack + Introspection | Damn Vulnerable GraphQL App | GraphQL Exploitation - Part 4
Deep Recursion Attack + Introspection | Damn Vulnerable GraphQL App | GraphQL Exploitation - Part 4Hacking Simplified
Просмотров 1,5 тыс.
Understanding how to hack GraphQL | Nick Aleks | GraphQL Wroclaw Meetup #1328:57Understanding how to hack GraphQL | Nick Aleks | GraphQL Wroclaw Meetup #13
Understanding how to hack GraphQL | Nick Aleks | GraphQL Wroclaw Meetup #13Mirumee Labs
Просмотров 561
Finding Your Next Bug: GraphQL49:34Finding Your Next Bug: GraphQL
Finding Your Next Bug: GraphQLInsiderPhD
Просмотров 24 тыс.
SSRF Hacking With Yuvraj | Hacker2Hacker | SSRF45:58SSRF Hacking With Yuvraj | Hacker2Hacker | SSRF
SSRF Hacking With Yuvraj | Hacker2Hacker | SSRFHacking Simplified
Просмотров 1,7 тыс.
GraphQL Security Vulnerabilities in the wild | Tristan Kalos | GraphQL Wroclaw Meetup #1325:07GraphQL Security Vulnerabilities in the wild | Tristan Kalos | GraphQL Wroclaw Meetup #13
GraphQL Security Vulnerabilities in the wild | Tristan Kalos | GraphQL Wroclaw Meetup #13Mirumee Labs
Просмотров 347
Theft of Arbitrary files from LocalStorage | Hacking on Android With Gaurang | #InsecureShop - 0236:20Theft of Arbitrary files from LocalStorage | Hacking on Android With Gaurang | #InsecureShop - 02
Theft of Arbitrary files from LocalStorage | Hacking on Android With Gaurang | #InsecureShop - 02Hacking Simplified
Просмотров 2 тыс.
Performing CSRF Exploits Over GraphQL10:36Performing CSRF Exploits Over GraphQL
Performing CSRF Exploits Over GraphQLIntigriti
Просмотров 1,5 тыс.
DVGA - Damn Vulnerable GraphQL Application | GraphQL Exploitation - Part - 2 | DVGA18:27DVGA - Damn Vulnerable GraphQL Application | GraphQL Exploitation - Part - 2 | DVGA
DVGA - Damn Vulnerable GraphQL Application | GraphQL Exploitation - Part - 2 | DVGAHacking Simplified
Просмотров 3,7 тыс.
Finding Your Next Bug: GraphQL Hacking - Katie Paxton-Fear (@InsiderPhd)54:34Finding Your Next Bug: GraphQL Hacking - Katie Paxton-Fear (@InsiderPhd)
Finding Your Next Bug: GraphQL Hacking - Katie Paxton-Fear (@InsiderPhd)OWASP London
Просмотров 3,7 тыс.
РАЗЪЯСНИЛ РОСГВАРДИИ ПО ЗАКОНУ. БЫДЛО КИДАЕТСЯ НА ПОКУПАТЕЛЯ. ЗАДЕРЖАЛИ ПОКУПАТЕЛЯ? 1ЧАСТЬ31:36РАЗЪЯСНИЛ РОСГВАРДИИ ПО ЗАКОНУ. БЫДЛО КИДАЕТСЯ НА ПОКУПАТЕЛЯ. ЗАДЕРЖАЛИ ПОКУПАТЕЛЯ? 1ЧАСТЬ
РАЗЪЯСНИЛ РОСГВАРДИИ ПО ЗАКОНУ. БЫДЛО КИДАЕТСЯ НА ПОКУПАТЕЛЯ. ЗАДЕРЖАЛИ ПОКУПАТЕЛЯ? 1ЧАСТЬARTEM WOLF
Просмотров 669 тыс.
Why is it different from what I thought?00:15Why is it different from what I thought?
Why is it different from what I thought?小凉夫妇
Просмотров 848 тыс.
Я купил ЛЕГЕНДУ! Возвращение AUDI RS 6!46:12Я купил ЛЕГЕНДУ! Возвращение AUDI RS 6!
Я купил ЛЕГЕНДУ! Возвращение AUDI RS 6!Bulkin Drive
Просмотров 730 тыс.
Тестирую гаджет для роллов! 🙈00:42Тестирую гаджет для роллов! 🙈
Тестирую гаджет для роллов! 🙈Сам себе сушист
Просмотров 1,2 млн
#kikakim00:17#kikakim
#kikakimKika Kim
Просмотров 8 млн
Настоящий или че у тебя с рожей?😃00:35Настоящий или че у тебя с рожей?😃
Настоящий или че у тебя с рожей?😃МЯТНАЯ ФАНТА
Просмотров 234 тыс.
这娘俩太坏了!竟然这样欺负爸爸 #funny #萌娃 #搞笑#cutebaby00:20这娘俩太坏了!竟然这样欺负爸爸 #funny #萌娃 #搞笑#cutebaby
这娘俩太坏了!竟然这样欺负爸爸 #funny #萌娃 #搞笑#cutebaby可爱小甜甜
Просмотров 4,4 млн
Палестинская девочка принесла на себе в больницу раненую сестренку00:40Палестинская девочка принесла на себе в больницу раненую сестренку
Палестинская девочка принесла на себе в больницу раненую сестренкуTRT на русском
Просмотров 393 тыс.