Escape-Technologies / awesome-graphql-security
A curated list of awesome GraphQL Security frameworks, libraries, software and resources
☆328Updated last year
Alternatives and similar repositories for awesome-graphql-security:
Users that are interested in awesome-graphql-security are comparing it to the libraries listed below
- Security Auditor Utility for GraphQL APIs☆450Updated 2 months ago
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆306Updated last year
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆624Updated last week
- 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️☆215Updated last year
- Blazing fast GraphQL discovery & fingerprinting toolbox.☆109Updated last year
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆358Updated last year
- Websec interview questions by tib3rius answered☆307Updated last year
- CrackQL is a GraphQL password brute-force and fuzzing utility.☆328Updated 8 months ago
- GraphQL automated security testing toolkit☆315Updated last year
- 🔒 A free, open-source platform dedicated to understand and secure GraphQL applications — all directly in your browser!☆56Updated 5 months ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆385Updated 2 years ago
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…☆286Updated last year
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆191Updated 8 months ago
- A Broken Application - Very Vulnerable!☆156Updated this week
- Obtain GraphQL API schema even if the introspection is disabled☆1,165Updated 6 months ago
- Vulnerability Scan with Nuclei☆253Updated 5 months ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆218Updated last week
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆632Updated last year
- Awesome information for WebSockets security research☆267Updated 3 years ago
- ☆481Updated 11 months ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆157Updated 5 months ago
- ☆177Updated last week
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆168Updated 2 months ago
- 🔍A cutting edge context aware GraphQL API fuzzing tool!☆139Updated this week
- Attack surface detector that identifies endpoints by static analysis☆693Updated last week
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆133Updated 3 weeks ago
- This repo contains the code for my secure code review challenges☆116Updated 3 weeks ago
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆516Updated 2 months ago
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆231Updated last year
- A web CTF for training developers in bug hunting and secure coding!☆99Updated 3 months ago