www.asec.io
Your Untested GraphQL API is a Ticking Time Bomb | ASEC
12/11/2023 (Updated 10/8/2025)
https://www.asec.io/blog/your-untest-graphql-api-is-a-ticking-time-bomb

In the 2022 State of GraphQL study, we uncovered that security is one of the top pain points developers face when using GraphQL. The number one pain point, error handling, has caused many GraphQL APIs to leak sensitive information. Analyzing error messages is actually how our tool Graphw00f allows hackers to fingerprint your GraphQL APIs and uncover vulnerabilities.
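
One way to keep error handling from leaking internals is to mask the `errors` array before the response leaves the server, which also gives error-message analysis less to work with. This is an added example, not code from the original post or from ASEC; `maskErrors`, the allow-listed codes and the sample response are assumptions made for illustration.

```javascript
// Added example; every name here is hypothetical, not a library API.
// Codes whose messages are written for clients (assumed allow-list).
const SAFE_CODES = new Set(["BAD_USER_INPUT", "UNAUTHENTICATED", "FORBIDDEN"]);

// Correlation id for matching a client report to a server log line.
// It is not a secret, so Math.random is acceptable here.
const newId = () => Math.random().toString(36).slice(2, 12);

// Returns a copy of a GraphQL response body with internal error detail
// removed. The unmodified error goes to `log` with the correlation id.
function maskErrors(body, log = () => {}) {
  if (!body || !Array.isArray(body.errors)) return body;
  const errors = body.errors.map((err) => {
    const e = err || {};
    const code = e.extensions && e.extensions.code;
    const id = newId();
    log({ id, error: err }); // full detail stays server-side
    if (SAFE_CODES.has(code)) {
      // Keep the client-facing message; drop the rest of `extensions`.
      return { message: String(e.message), path: e.path, extensions: { code, id } };
    }
    // Anything else: uniform message, no locations, no stack trace.
    return { message: "Request failed", path: e.path, extensions: { code: "INTERNAL", id } };
  });
  return { ...body, errors };
}

// Constructed sample: one resolver error leaking a table name and a
// stack trace, and one input error that is meant for the client.
const sample = {
  data: { user: null },
  errors: [
    {
      message: 'relation "users_private" does not exist',
      path: ["user"],
      locations: [{ line: 1, column: 3 }],
      extensions: {
        code: "INTERNAL_SERVER_ERROR",
        stacktrace: ["at Query.user (/srv/app/resolvers.js:42:11)"],
      },
    },
    { message: "Field id must be an integer", path: ["user"], extensions: { code: "BAD_USER_INPUT" } },
  ],
};

const logged = [];
const masked = maskErrors(sample, (entry) => logged.push(entry));
console.log(JSON.stringify(masked, null, 2));
```

The correlation id in `extensions.id` lets support match a client report to the full error in the server log without exposing that error to the client.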