πΈοΈ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. πΈοΈ
β227May 22, 2023Updated 2 years ago
Alternatives and similar repositories for graphinder
Users that are interested in graphinder are comparing it to the libraries listed below
Sorting:
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a pβ¦β30Nov 30, 2025Updated 3 months ago
- Blazing fast GraphQL discovery & fingerprinting toolbox.β124Nov 21, 2023Updated 2 years ago
- GraphQL automated security testing toolkitβ333Feb 20, 2024Updated 2 years ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).β151Mar 31, 2025Updated 11 months ago
- Obtain GraphQL API schema even if the introspection is disabledβ1,396Dec 5, 2025Updated 2 months ago
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technologyβ¦β814Jun 9, 2025Updated 8 months ago
- β17Jan 9, 2025Updated last year
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.β203Aug 5, 2024Updated last year
- Security Auditor Utility for GraphQL APIsβ604Nov 20, 2025Updated 3 months ago
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.β455Oct 3, 2023Updated 2 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.β313May 16, 2024Updated last year
- A curated list of awesome GraphQL Security frameworks, libraries, software and resourcesβ353Feb 15, 2024Updated 2 years ago
- AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration testβ¦β37Feb 15, 2026Updated 2 weeks ago
- GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)β1,631Mar 11, 2024Updated last year
- πA cutting edge context aware GraphQL API fuzzing tool!β157Updated this week
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!β21Aug 25, 2024Updated last year
- Create tar/zip archives that try to exploit zipslip vulnerability.β48Sep 20, 2024Updated last year
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.β721Feb 3, 2026Updated 3 weeks ago
- Extract URLs, paths, secrets, and other interesting bits from JavaScriptβ1,771May 22, 2024Updated last year
- CrackQL is a GraphQL password brute-force and fuzzing utility.β345Aug 3, 2024Updated last year
- The Most Advanced Client-Side Prototype Pollution Scannerβ246Feb 3, 2026Updated 3 weeks ago
- Find subdomains on GitLab.β107Apr 28, 2024Updated last year
- The Primate Pack is a suite of extensions for Caido.β13Sep 29, 2024Updated last year
- β181Oct 15, 2024Updated last year
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizableβ¦β1,737Feb 16, 2026Updated last week
- Black box fuzzer for web applicationsβ437Jul 20, 2025Updated 7 months ago
- A streamlined tool for discovering private TLDs for security research.β314Updated this week
- Extract endpoints from source files.β25Mar 28, 2023Updated 2 years ago
- A Slack bot phishing framework for Red Teaming exercisesβ166Apr 27, 2024Updated last year
- β93Apr 29, 2024Updated last year
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutationsβ404Dec 24, 2022Updated 3 years ago
- Demo of various ways to exploit post based reflected XSSβ18Jul 6, 2023Updated 2 years ago
- ngrok Collaborator Link β yet another Burp Collaborator alternative for free with ngrok.β113Jan 4, 2024Updated 2 years ago
- Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitatiβ¦β447Jan 25, 2024Updated 2 years ago
- Find what egress ports are allowedβ46Nov 19, 2025Updated 3 months ago
- Java archive implant toolkit.β61Apr 20, 2025Updated 10 months ago
- Web cache poisoning vulnerability scanner.β73May 5, 2022Updated 3 years ago
- A GraphQL enumeration and extraction toolβ133Jan 29, 2023Updated 3 years ago
- AI-powered ffuf wrapperβ646Dec 4, 2025Updated 2 months ago