HackerTrans
TopNewTrendsCommentsPastAskShowJobs

iCarossio

no profile record

Submissions

How to get into Y Combinator: notes from a W23 alum

github.com
3 points·by iCarossio·الشهر الماضي·0 comments

Show HN: SecureGPT – The free security tool for ChatGPT Plugin developers

escape.tech
1 points·by iCarossio·قبل 3 سنوات·0 comments

GraphQL Input Validation and Sanitization

escape.tech
1 points·by iCarossio·قبل 3 سنوات·1 comments

Is disabling GraphQL introspection the right move?

escape.tech
2 points·by iCarossio·قبل 3 سنوات·1 comments

Test the security of your REST OpenAPI/Swagger in 10s

openapi.security
12 points·by iCarossio·قبل 3 سنوات·1 comments

Escape API Security (YC W23) Partners with Postman on Open Source (GraphMan)

blog.postman.com
6 points·by iCarossio·قبل 3 سنوات·1 comments

Escape (YC W23) – The 8 most common GraphQL vulnerabilities you should know

escape.tech
10 points·by iCarossio·قبل 3 سنوات·1 comments

The-Guild.dev x Escape.tech – Make secure GraphQL accessible to everyone

blog.escape.tech
1 points·by iCarossio·قبل 4 سنوات·1 comments

comments

iCarossio
·الشهر الماضي·discuss
[dead]
iCarossio
·قبل 3 سنوات·discuss
Hey HN!

I have a lot of questions about how to sanitise and validate GraphQL input so I decided to write a blog post about it with the different techniques :)

Best, Antoine
iCarossio
·قبل 3 سنوات·discuss
Hey HN! I wrote this article will help you make an informed decision.

Feel free to debate and give your point of view ;)
iCarossio
·قبل 3 سنوات·discuss
Yeah you're absolutely right! We couldn't add tags/categories easily for the first version but we are working on it for the future. Thanks for your feedback :)
iCarossio
·قبل 3 سنوات·discuss
Hey, thanks for your feedback. As mentioned, we had to scale up our infra a little due to an unexpected load. It's fixed now ;)
iCarossio
·قبل 3 سنوات·discuss
Hey, thanks for your feedback. Due to an unexpected load, we had to scale up our infra a little. It's fixed now ;)
iCarossio
·قبل 3 سنوات·discuss
For this first version, we assumed you know the API you want to use and want to get some extra info.

The next step could be adding tags/categories so you can look for specific APIs ;)
iCarossio
·قبل 3 سنوات·discuss
Hey coauthor here!

Thanks for your feedback! APIRank is new, and we are eager to make it better.

Please note APIRank we are only compatible with Swagger & OpenAPI specifications. You can propose to index any API you want here: https://apirank.dev/submit

Concerning Github APIs, indeed, we missed it. We will add the following in our next update: https://raw.githubusercontent.com/github/rest-api-descriptio...
iCarossio
·قبل 3 سنوات·discuss
Hey coauthor here.

Thanks for your feedback! APIRank is new, and we are here to improve it and make it useful to the community.

APIRank only considers APIs with an OpenAPI or Swagger specification. It supports any version of Swagger v2+ or OpenAPI v3+.

However, I agree in practice for people, the "design criterium" is not only the compliance to the spec ;)

Antoine
iCarossio
·قبل 3 سنوات·discuss
And as mentioned in the post we filtered soooo many awkward results ^^
iCarossio
·قبل 3 سنوات·discuss
Hey, co-author here! Google does not allow you to browse APIs according to Security, Reliability, not Performance, etc.

Google is not an OpenAPI spec indexer either ;)
iCarossio
·قبل 3 سنوات·discuss
Congratulations for the lunch Second team. :)
iCarossio
·قبل 3 سنوات·discuss
We plan to support authenticated APIs through headers soon. Stay tuned on our Discord https://discord.escape.tech/
iCarossio
·قبل 3 سنوات·discuss
Hope this was the login route haha
iCarossio
·قبل 3 سنوات·discuss
Smart move would be to use Ngrok I guess ;)
iCarossio
·قبل 3 سنوات·discuss
You mean locally?
iCarossio
·قبل 3 سنوات·discuss
Hey folks, co-author here. This is in Beta and there is still a lot of work ahead. We are ready for feedback :)
iCarossio
·قبل 3 سنوات·discuss
Hey ya'll!

Thank you for your feedback on GraphQL.Security https://graphql.security/

Thousands of you wanted us to provide the same free tool for REST OpenAPIs.

At Escape (YC23), we strived to provide the same user experience and quality of results for REST OpenAPIs (and Swagger) as GraphQL APIs.

OpenAPI.Security is still in alpha, and we would love your feedback and ideas!

Best,

Antoine Cofounder & CTO @ Escape.tech
iCarossio
·قبل 3 سنوات·discuss
Hello, the community!

At Escape (WC 23), we released an open-source package (GraphMan) to convert a GraphQL Introspection into a Postman collection automatically. Postman just announced the official collaboration on their website, and we would love your feedback on Graphman!

Best,

Antoine Cofounder & CTO @ https://escape.tech
iCarossio
·قبل 3 سنوات·discuss
Hello everyone :)

Here is a tiny article we wrote at Escape (YC W23) to describe the most common vulnerabilities in GraphQL and how to identify & fix them.

Best, Antoine Cofounder & CTO @ Escape.tech