Skip to content

šŸ”’ A free, open-source platform dedicated to understand and secure GraphQL applicationsĀ ā€”Ā all directly in your browser!

License

Notifications You must be signed in to change notification settings

Escape-Technologies/graphql-security-academy

Repository files navigation

API Security Academy by Escape.tech

What is it?

API Security Academy provides hands-on, interactive lessons that teach various vulnerabilities and best practices in GraphQL security. Discover its full learning potential directly in your browser. Each lesson features a WebContainer with a live GraphQL application, demonstrating not just the risks but also how to exploit and fix them.

šŸ’” The API Security Academy is accessible for free. We initially chose to prioritize GraphQL, as itā€™s at the core of our expertise, but anticipate introducing additional API types in the future!

Why learn with API Security Academy?

  • šŸ“š Comprehensive lessons: Covering everything from basic to advanced GraphQL security topics.
  • šŸ’» Interactive: Each lesson includes a WebContainer for a real-world experience.
  • šŸ§‘ā€šŸ’» For Developers and Security Engineers: Whether you're building or securing GraphQL apps, there's always more to explore and learn.
  • šŸ†“ Free and Open Source: Learn at your own pace, and even contribute to make it better!

Features

  • šŸŒ Browser-Based learning: no downloads, installs, or account creation. Start learning immediately right within your browser.
  • šŸ›  Hands-on experience: apply your knowledge in real-world GraphQL app scenarios.

How to contribute

We're thrilled that you're interested in contributing to the API Security Academy! Contributions are essential for keeping this project informative, up-to-date, and, most importantly, beneficial for everyone interested in GraphQL and Application security.

This project consists of two main components:

  • app: A Svelte-based IDE that operates directly in your web browser.
  • lessons: This directory houses all the tutorial content.

What is a "Lesson"?

A lesson in API Security Academy is structured as a regular npm package, containing at least a package.json file and a README.md file. The README is Svelte-enhanced markdown that drives the lesson content.

Quick Start Guide

If you're eager to contribute, here's how you can get started:

# Clone the GitHub repository
git clone https://github.com/Escape-Technologies/graphql-security-academy.git
cd academy
# Use yarn to install all necessary dependencies
yarn install
# Launch the development environment
yarn dev

Now, you should have a local instance of API Security Academy running. Feel free to make any changes and test them out.

Contribution ideas

  • Writing new lessons or updating existing ones.
  • Enhancing the UI/UX of the app component.
  • Reporting bugs and suggesting new features.

Feel free to submit a pull request or create an issue to discuss any changes you have in mind.

Thank you for contributing to making GraphQL more secure!

And hurry up to start your first lesson here!