Escape-Technologies / graphinder
πΈοΈ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. πΈοΈ
β185Updated last year
Related projects β
Alternatives and complementary repositories for graphinder
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.β328Updated last year
- Blazing fast GraphQL discovery & fingerprinting toolbox.β101Updated 11 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.β184Updated 3 months ago
- β146Updated last year
- GraphQL automated security testing toolkitβ301Updated 8 months ago
- β134Updated 3 weeks ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.β165Updated 5 months ago
- CrackQL is a GraphQL password brute-force and fuzzing utility.β314Updated 3 months ago
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technologyβ¦β573Updated last month
- Security Auditor Utility for GraphQL APIsβ382Updated 2 months ago
- Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.β219Updated this week
- GQLSpection - parses GraphQL introspection schema and generates possible queriesβ70Updated 4 months ago
- De-clutter a list of URLsβ307Updated 7 months ago
- EvenBetter is a frontend Caido plugin that makes the Caido experience even better πβ133Updated last week
- Filter and enrich a list of subdomains by levelβ190Updated last year
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokensβ138Updated 3 weeks ago
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementationsβ286Updated 11 months ago
- A GraphQL enumeration and extraction toolβ128Updated last year
- β193Updated 5 months ago
- MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.β132Updated last month
- Distribute ordinary bash commands over many systemsβ160Updated 2 years ago
- β353Updated 6 months ago
- Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.β193Updated this week
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflowsβ273Updated last year
- A fast and minimal JS endpoint extractorβ323Updated 9 months ago
- A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way tβ¦β227Updated 2 years ago
- A Firefox Web Extension to improve the discovery of DOM XSS.β250Updated this week
- Discover new target domains using Content Security Policyβ379Updated this week
- Burp extension to create target specific and tailored wordlist from burp history.β231Updated 2 years ago
- An Automated Subdomain Enumeration Toolβ233Updated 3 weeks ago