Goctopus: Open Source GraphQL endpoint discovery tool
Discover a Golang-based tool developed at Escape for GraphQL endpoint discovery and fingerprinting, enhancing API security. Available on GitHub.| Escape DAST - Application Security Blog
Discover a Golang-based tool developed at Escape for GraphQL endpoint discovery and fingerprinting, enhancing API security. Available on GitHub.| Escape DAST - Application Security Blog
Web safety matters. XSS is like sneaky bad notes, while CSRF tricks sites as if it's you. Both misuse website trust. We'll explore how they work and how to protect sites, including using CSRF tokens. Learn about online security with us!| Escape DAST - Application Security Blog
Confusion between authentication and authorization causes data leaks. Learn the difference and how to implement the right access control pattern in your GraphQL API.| Escape DAST - Application Security Blog
For several days now, your users have been complaining about losing access to your web service. If at first you thought it was a simple coincidence and certainly a fault of the users, the incident starts to be strongly repeated and noticed. You rush to your monitors and notice an| Escape - The API Security Blog
Explore how you can prevent data breaches in GraphQL. Learn to manage sensitive data effectively with robust access control.| Escape - The API Security Blog
Insecure Direct Object References (IDOR) are common security vulnerabilities. Discover IDOR real-life examples and best practices for GraphQL API| Escape - The API Security Blog
GraphQL aliasing is a powerful feature. But with great power comes great vulnerability: batch attacks and DoS. In this post, we explain how it works and how to remediate it in your GraphQL API.| Escape - The API Security Blog
GraphQL has no security by default. All doors are open for the most basic attacks. Read more to learn about the exact threats and some simple strategies you can implement to get your users' data under lock and key 🔐| Escape - The API Security Blog
Are you looking to make your API security program stronger? Our detailed API Security Checklist is here to help.| Escape - The API Security Blog
You receive a call in the middle of the night from the SRE team: All production data has been deleted from your company's various relational databases. Many of the company's internal services are therefore down. You absolutely need to fix the problem immediately and identify the problem. Once you log| Escape - The API Security Blog
Discover the latest insights into the 2023 OWASP API Security Top 10, as we delve into the most critical vulnerabilities and best practices to protect your APIs.| Escape - The API Security Blog
Uncover API discovery's vital role in cybersecurity. Learn about automated vs. manual API discovery and how API Inventory tools can help.| Escape DAST - Application Security Blog
Explore 2025's top API security tools: Get in-depth reviews, pros, cons, and choose the best security tool for your API security needs.| Escape - The API Security Blog
