Escape-Technologies / awesome-graphql-securityLinks
A curated list of awesome GraphQL Security frameworks, libraries, software and resources
☆350Updated last year
Alternatives and similar repositories for awesome-graphql-security
Users that are interested in awesome-graphql-security are comparing it to the libraries listed below
Sorting:
- Security Auditor Utility for GraphQL APIs☆594Updated 2 months ago
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆346Updated 7 months ago
- Blazing fast GraphQL discovery & fingerprinting toolbox.☆125Updated 2 years ago
- 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️☆227Updated 2 years ago
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆796Updated 7 months ago
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆458Updated 2 years ago
- 🔒 A free, open-source platform dedicated to understand and secure GraphQL applications — all directly in your browser!☆61Updated last year
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…☆319Updated 5 months ago
- A Broken Application - Very Vulnerable!☆180Updated this week
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆404Updated 3 years ago
- GraphQL automated security testing toolkit☆332Updated last year
- CrackQL is a GraphQL password brute-force and fuzzing utility.☆345Updated last year
- Websec interview questions by tib3rius answered☆308Updated 2 years ago
- 🔍A cutting edge context aware GraphQL API fuzzing tool!☆156Updated 2 weeks ago
- Awesome information for WebSockets security research☆297Updated 4 years ago
- Obtain GraphQL API schema even if the introspection is disabled☆1,370Updated last month
- Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.☆278Updated last year
- A web CTF for training developers in bug hunting and secure coding!☆100Updated last year
- Research on GraphQL from an AppSec point of view.☆419Updated 2 years ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆282Updated 4 months ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆228Updated last week
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆566Updated 2 months ago
- Create your own vulnerable by design AWS penetration testing playground☆428Updated 3 weeks ago
- A collection of awesome AWS S3 tools that collects and enumerates exposed S3 buckets☆407Updated last month
- GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.☆477Updated 3 weeks ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆205Updated last year
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆238Updated 2 years ago
- API Security Project aims to present unique attack & defense methods in API Security field☆286Updated 3 years ago
- ☆196Updated 2 years ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆155Updated last year