Forces Unseen Blog

Alex Leahu

By Alex Leahu

Search engines are part of everyday life and help us quickly find information we are looking for. But anyone who has used search engines for a long time realizes its pitfalls. Companies have figured out how to optimize their websites and fight for the top spaces of your search results. As a consequence, we end up with results that are not necessarily high quality and instead contain websites that have gamed the system to get on top.

In our field (information security) we use search engines on a daily basis to look up technical write ups, documentation, vulnerability details, and more. Wouldn’t it be great if we could at least improve our tiny corner of the internet to become more productive and surface high quality information that is actually relevant?

Read more...

By Alex Leahu

Whether you're a penetration tester, security engineer, or bug bounty hunter, it can be incredibly helpful to know how to find vulnerabilities in a GraphQL API. This post will introduce you to GraphQL and its functionality from the perspective of someone performing a security assessment.

The post will not focus on how to securely implement a GraphQL API, although you can extrapolate details that’ll help you in doing so. Additionally, although I will draw parallels to familiar topics like REST and SQL, other concepts may be new.

Read more...