Escape-Technologies / awesome-graphql-securityLinks
A curated list of awesome GraphQL Security frameworks, libraries, software and resources
☆336Updated last year
Alternatives and similar repositories for awesome-graphql-security
Users that are interested in awesome-graphql-security are comparing it to the libraries listed below
Sorting:
- Security Auditor Utility for GraphQL APIs☆477Updated 4 months ago
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆312Updated last month
- Blazing fast GraphQL discovery & fingerprinting toolbox.☆112Updated last year
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆647Updated 2 weeks ago
- 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️☆218Updated 2 years ago
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆365Updated last year
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆386Updated 2 years ago
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…☆293Updated last year
- GraphQL automated security testing toolkit☆320Updated last year
- CrackQL is a GraphQL password brute-force and fuzzing utility.☆335Updated 10 months ago
- Websec interview questions by tib3rius answered☆309Updated last year
- Obtain GraphQL API schema even if the introspection is disabled☆1,221Updated 9 months ago
- 🔒 A free, open-source platform dedicated to understand and secure GraphQL applications — all directly in your browser!☆56Updated 7 months ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆172Updated 4 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆193Updated 10 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆642Updated last year
- 🚀 Join us for 30days of daily API security tests. #30days30tests We've spent last 120days building amazing API security tests for the c…☆212Updated 2 years ago
- 🔍A cutting edge context aware GraphQL API fuzzing tool!☆141Updated last week
- GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.☆370Updated last week
- Awesome information for WebSockets security research☆271Updated 3 years ago
- Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.☆271Updated 9 months ago
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆233Updated last year
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆220Updated 2 weeks ago
- Vulnerability Scan with Nuclei☆256Updated 7 months ago
- Octoscan is a static vulnerability scanner for GitHub action workflows.☆212Updated 2 months ago
- ☆152Updated last year
- A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way t…☆231Updated 3 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆133Updated 2 months ago
- GQLSpection - parses GraphQL introspection schema and generates possible queries☆89Updated 3 months ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆124Updated 2 months ago