From 7f27c659a04dab4455e523a00d6940f0b893c3cc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Rainho?= <arainho.it@gmail.com>
Date: Thu, 18 Nov 2021 10:01:14 +0000
Subject: [PATCH] new entry on topic Training / Walkthrough / Labs

- Hacker101 CTFs with GraphQL challenges
---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 50933b5..2200ed2 100644
--- a/README.md
+++ b/README.md
@@ -77,6 +77,7 @@
 | [Kontra - OWASP Top 10 for API](https://application.security/free/owasp-top-10-API) | Is a series of free interactive application security training modules that teach developers how to identify and mitigate security vulnerabilities in their web API endpoints. |
 | [Pentesting Lab: vAPI](https://github.com/roottusk/vapi) | vAPI is Vulnerable Adversely Programmed Interface, Self-Hostable PHP Interface that mimics OWASP API Top 10 scenarios in the means of Exercises. |
 | [ShipFast - Practical API Security Walkthrough](https://github.com/approov/shipfast-api-protection) | Learn practical Mobile and API security techniques: API Key, Static and Dynamic HMAC, Dynamic Certificate Pinning, and Mobile App Attestation. |
+| [Hacker101 CTFs - GraphQL challenges](https://www.hackerone.com/ethical-hacker/graphql-week-hacker101-capture-flag-challenges) | GraphQL Week on The Hacker101 Capture the Flag Challenges |
 
 ## Enumeration / Scanning
 | Name | Description |