Blazing fast GraphQL discovery & fingerprinting toolbox.
โ127Nov 21, 2023Updated 2 years ago
Alternatives and similar repositories for goctopus
Users that are interested in goctopus are comparing it to the libraries listed below
Sorting:
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.โ456Oct 3, 2023Updated 2 years ago
- ๐ธ๏ธ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. ๐ธ๏ธโ227May 22, 2023Updated 2 years ago
- ๐ A free, open-source platform dedicated to understand and secure GraphQL applicationsย โย all directly in your browser!โ61Oct 30, 2024Updated last year
- Hourly Updated (Merged & Filtered) List of Torrent Trackers [Maintainer=@Azathothas]โ16Updated this week
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.โ203Aug 5, 2024Updated last year
- Script to read input from stdin and encode itโ19Aug 23, 2023Updated 2 years ago
- ๐ A curated list of awesome Caido related projectsโ46Mar 25, 2025Updated 11 months ago
- The Primate Pack is a suite of extensions for Caido.โ13Sep 29, 2024Updated last year
- Obtain GraphQL API schema even if the introspection is disabledโ1,396Dec 5, 2025Updated 3 months ago
- โ27Mar 5, 2023Updated 3 years ago
- A curated list of awesome GraphQL Security frameworks, libraries, software and resourcesโ353Feb 15, 2024Updated 2 years ago
- Automate Nuclei scans and streamline bug hunting workflowsโ21Feb 16, 2024Updated 2 years ago
- ngrok Collaborator Link โ yet another Burp Collaborator alternative for free with ngrok.โ113Jan 4, 2024Updated 2 years ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.โ181Dec 22, 2025Updated 2 months ago
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technologyโฆโ814Jun 9, 2025Updated 8 months ago
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflowsโ300Sep 8, 2023Updated 2 years ago
- GQLSpection - parses GraphQL introspection schema and generates possible queriesโ99Mar 6, 2025Updated 11 months ago
- This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.โ97Jan 2, 2025Updated last year
- Deploy a SOCKS5 proxy in DigitalOcean and autoconfigure the Burp proxy settings to route all traffic through the dropletโ56Oct 23, 2024Updated last year
- Find authentication (authn) and authorization (authz) security bugs in web application routes.โ281Sep 11, 2025Updated 5 months ago
- Security Auditor Utility for GraphQL APIsโ604Nov 20, 2025Updated 3 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable โฆโ753Dec 19, 2023Updated 2 years ago
- ๐A cutting edge context aware GraphQL API fuzzing tool!โ157Feb 25, 2026Updated last week
- This page should help you with the recon for security issues.โ20Oct 14, 2022Updated 3 years ago
- ๐ต๏ธ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens, hardcoded credentials, etc.โ428May 15, 2025Updated 9 months ago
- [Automated | UpToDate] Daily Dumps of CertStream Subdomains Data For the World ๐โ16Feb 15, 2025Updated last year
- nTask is a distributed task management program that allows you to distribute tasks across multiple computers using API communication and โฆโ16Feb 19, 2026Updated 2 weeks ago
- Filter and enrich a list of subdomains by levelโ210Sep 25, 2023Updated 2 years ago
- Mรกquina virtual para investigaciones en fuentes abiertas OSINTโ17Oct 4, 2024Updated last year
- buldDNS: A DNS scanner for large-scale measurementโ22Jan 22, 2026Updated last month
- A GraphQL enumeration and extraction toolโ133Jan 29, 2023Updated 3 years ago
- GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environmentsโ89Jun 22, 2024Updated last year
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.โ46Mar 4, 2024Updated 2 years ago
- Search for sensitive data in Postman public library. Original work from https://github.com/cosad3s/postleaksโ32Feb 13, 2026Updated 2 weeks ago
- Chrome extension for automating CSPT discoveryโ138Dec 23, 2025Updated 2 months ago
- Moved to https://github.com/pkgforge/soarpkgsโ21Jan 10, 2025Updated last year
- ๐ฆ The modern changelog generator.โ19Feb 9, 2026Updated 3 weeks ago
- convert secret patterns to gf compatible.โ38Feb 11, 2023Updated 3 years ago
- ๐ ๏ธ Workflows created by the communityโ87Dec 8, 2025Updated 2 months ago