Escape-Technologies / awesome-graphql-security
A curated list of awesome GraphQL Security frameworks, libraries, software and resources
☆322Updated last year
Alternatives and similar repositories for awesome-graphql-security:
Users that are interested in awesome-graphql-security are comparing it to the libraries listed below
- Security Auditor Utility for GraphQL APIs☆436Updated last month
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆302Updated last year
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆611Updated 4 months ago
- Blazing fast GraphQL discovery & fingerprinting toolbox.☆108Updated last year
- 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️☆210Updated last year
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆356Updated last year
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆381Updated 2 years ago
- 🔒 A free, open-source platform dedicated to understand and secure GraphQL applications — all directly in your browser!☆56Updated 5 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆191Updated 7 months ago
- GraphQL automated security testing toolkit☆313Updated last year
- Websec interview questions by tib3rius answered☆307Updated last year
- 🔍A cutting edge context aware GraphQL API fuzzing tool!☆137Updated last week
- CrackQL is a GraphQL password brute-force and fuzzing utility.☆327Updated 7 months ago
- Awesome information for WebSockets security research☆264Updated 3 years ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆166Updated last month
- Obtain GraphQL API schema even if the introspection is disabled☆1,147Updated 6 months ago
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…☆285Updated 11 months ago
- Vulnerability Scan with Nuclei☆250Updated 4 months ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆156Updated 4 months ago
- ☆475Updated 11 months ago
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆238Updated last week
- GraphQL security testing tool☆122Updated 2 years ago
- GQLSpection - parses GraphQL introspection schema and generates possible queries☆79Updated 3 weeks ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆108Updated 2 months ago
- A Broken Application - Very Vulnerable!☆148Updated this week
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆216Updated 2 weeks ago
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆230Updated last year
- ☆150Updated last year
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆132Updated this week
- ☆184Updated 4 months ago