Achraf Ait Sidi Hammou

Graphinder: lightweight and blazing fast GraphQL endpoint finder

6 days ago 2 min read pentest appsec open-source

Introducing Graphinder, a lightweight and blazing fast GraphQL endpoint finder, making penetration testing on GraphQL much faster ⚡️

Learning GraphQL Roadmap: 8 Steps to Master GraphQL

21 days ago 6 min read Getting Started

The adoption of GraphQL is growing like crazy. But the learning curve is steep and getting started can be overwhelming. Here's our 8-step roadmap to ship production-ready APIs

GraphQL Error Handling: a Security POV

a month ago 4 min read

Error messages in GraphQL are rarely seen as a security concern, yet they should. The risk? Leaking information and data! Learn more about GraphQL errors and how to handle them.

Building a type-safe Fullstack Application with GraphQL codegen

2 months ago 5 min read

There are two approaches to defining your schema in GraphQL: schema-first and code-first. When using Typescript, you might find yourself having to write types again and again. Enters GraphQL codegen: your schema file becomes the single source of truth.

9 GraphQL Security Best Practices

2 months ago 8 min read appsec Best Practices Getting Started

GraphQL has no security by default. All doors are open for the most basic attacks. Read more to learn about the exact threats and some simple strategies you can implement to get your users' data under lock and key 🔐