Escape-Technologies / awesome-graphql-security
A curated list of awesome GraphQL Security frameworks, libraries, software and resources
☆309Updated 11 months ago
Alternatives and similar repositories for awesome-graphql-security:
Users that are interested in awesome-graphql-security are comparing it to the libraries listed below
- Security Auditor Utility for GraphQL APIs☆404Updated this week
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆298Updated last year
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆591Updated last month
- Blazing fast GraphQL discovery & fingerprinting toolbox.☆106Updated last year
- 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️☆205Updated last year
- 🔒 A free, open-source platform dedicated to understand and secure GraphQL applications — all directly in your browser!☆52Updated 2 months ago
- CrackQL is a GraphQL password brute-force and fuzzing utility.☆319Updated 5 months ago
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆340Updated last year
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆372Updated 2 years ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆187Updated 5 months ago
- GraphQL automated security testing toolkit☆308Updated 10 months ago
- Research on GraphQL from an AppSec point of view.☆411Updated last year
- A Broken Application - Very Vulnerable!☆136Updated 2 months ago
- 🔍A cutting edge context aware GraphQL API fuzzing tool!☆129Updated this week
- Websec interview questions by tib3rius answered☆306Updated last year
- Awesome information for WebSockets security research☆258Updated 3 years ago
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…☆280Updated 9 months ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆167Updated 8 months ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆153Updated 4 months ago
- Obtain GraphQL API schema even if the introspection is disabled☆1,093Updated 3 months ago
- Octoscan is a static vulnerability scanner for GitHub action workflows.☆186Updated last week
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆132Updated last year
- Gram is Klarna's own threat model diagramming tool☆291Updated this week
- Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.☆267Updated 3 months ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆94Updated last week
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆214Updated 3 weeks ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆571Updated 2 months ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆157Updated 2 months ago
- API Security Vulnerability Scanner designed to help you secure your APIs.☆106Updated last week
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆408Updated this week