Maintenance window scheduled to begin at February 14th 2200 est. until 0400 est. February 15th

(e.g. yourname@email.com)

Forgot Password?

    Defense Visual Information Distribution Service Logo

    AvengerCon VII: Breaking GraphQL

    Advanced Embed Example

    Add the following CSS to the header block of your HTML document.

    Then add the mark-up below to the body block of the same document.

    UNITED STATES

    12.01.2022

    Video by Steven Stover 

    780th Military Intelligence Brigade (Cyber)

    Part of the AvengerCon VII presentations cleared for public release:

    Presented by Cadet Grant Smith. Grant is a senior at Virginia Tech studying cybersecurity management. He has interned with Army Cyber Command, the Naval Postgraduate School, and the Walt Disney Company during which he has worked in exploit development, red teaming, and threat analysis. Grant specializes in web application testing and is the creator of the popular GraphQL assessment tool Graph Crawler.

    GraphQL is steadily growing in usage and is showing no sign of stopping. It is a very powerful API and with great power comes great responsibility to abuse it. That's where we step in. In this presentation we will cover what GraphQL is, how its used, how to get as much data from it as possible, and how to use that data against the endpoint. We will focus on how to attack it as a pentester but knowing these security misconfigurations and how easily they can be abused is helpful for everyone.

    Boiler:

    AvengerCon is a free security event hosted every fall by Maryland Innovation and Security Institute to benefit the hackers of the U.S. Cyber Command community and the U.S. Army 780th Military Intelligence Brigade. The event is open to all service members and employees of U.S. Cyber Command and Department of Defense personnel supporting cyberspace missions. AvengerCon features presentations, hacker villages, training workshops, and much more.

    The event is open to all service members and employees of U.S. Cyber Command and Department of Defense, and related partners supporting cyberspace missions.

    The views expressed are those of the presenter, and do not reflect the official position of the 780th Military Intelligence Brigade, U.S. Cyber Command, the Department of the Army, or Department of Defense.

    VIDEO INFO

    Date Taken: 12.01.2022
    Date Posted: 01.04.2023 09:26
    Category: Series
    Video ID: 870207
    VIRIN: 221201-O-PX639-991
    Filename: DOD_109398052
    Length: 00:26:02
    Location: US

    Video Analytics

    Downloads: 1
    High-Res. Downloads: 1

    PUBLIC DOMAIN  

    This work, AvengerCon VII: Breaking GraphQL, by Steven Stover, identified by DVIDS, must comply with the restrictions shown on https://www.dvidshub.net/about/copyright.

    MORE LIKE THIS

    CONTROLLED VOCABULARY KEYWORDS

    No keywords found.

    TAGS

    Cybersecurity
    AvengerCon VII

    OPTIONS

  •   Register/Login to Download