GraphQL

Clairvoyance – Unmasking Hidden GraphQL Schemas

Clairvoyance is a game-changer for GraphQL API developers. This tool gets the GraphQL API schema from sites where introspection is…

1 year ago

Graphicator : A GraphQL Enumeration And Extraction Tool

Graphicator is a GraphQL "scraper" / extractor. The tool iterates over the introspection document returned by the targeted GraphQL endpoint,…

2 years ago

GraphCrawler : GraphQL Automated Security Testing Toolkit

Graph Crawler is the most powerful automated testing toolkit for any GraphQL endpoint. Version 1.2 is out NEW: Can search…

2 years ago

Graphql-Threat-Matrix : GraphQL Threat Framework Used By Security Professionals

graphql-threat-matrix was built for bug bounty hunters, security researchers and hackers to assist with uncovering vulnerabilities across multiple GraphQL implementations. The…

2 years ago

BatchQL : GraphQL Security Auditing Script With A Focus On Performing Batch GraphQL Queries And Mutations

BatchQL is a GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations. This script is…

3 years ago

Graphw00F : GraphQL fingerprinting tool for GQL endpoints

Graphw00F (inspired by wafw00f) is the GraphQL fingerprinting tool for GQL endpoints, it sends a mix of benign and malformed queries…

3 years ago

GraphQLmap : A Scripting Engine To Interact With A Graphql Endpoint For Pentesting Purposes

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. Install $ git clone https://github.com/swisskyrepo/GraphQLmap$ python…

4 years ago

Damn Vulnerable GraphQL Application

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security. About…

4 years ago

InQL : A Burp Extension For GraphQL Security Testing

InQL is a security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone…

4 years ago

InQL – A Burp Extension for GraphQL Security Testing

A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script, or…

5 years ago