Eshan Singh in InfoSec Write-ups: GraphQL IDOR leads to information disclosure. Hello World! I’m Eshan Singh aka R0X4R. I’m here to share my recent findings on GraphQL IDOR (Insecure Direct Object Reference), which… (Dec 24, 2019)
Eshan Singh in InfoSec Write-ups: GraphQL introspection leads to sensitive data disclosure. GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. GraphQL provides a complete… (Oct 30, 2019)
Eshan Singh: Introduction to Blind XSS. Last year I was scrolling my LinkedIn profile feed when suddenly a post came in front of me. In that post, a Bug Hunter posted his PoC about… (Sep 1, 2019)