Escape-Technologies / graphql-security-academyLinks
🔒 A free, open-source platform dedicated to understand and secure GraphQL applications — all directly in your browser!
☆56Updated 7 months ago
Alternatives and similar repositories for graphql-security-academy
Users that are interested in graphql-security-academy are comparing it to the libraries listed below
Sorting:
- Blazing fast GraphQL discovery & fingerprinting toolbox.☆112Updated last year
- A curated list of awesome GraphQL Security frameworks, libraries, software and resources☆334Updated last year
- 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️☆215Updated 2 years ago
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆363Updated last year
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆192Updated 10 months ago
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆309Updated last month
- Obtain GraphQL API Schema even if the introspection is not enabled☆11Updated last year
- A Broken Application - Very Vulnerable!☆162Updated this week
- Scans your Github Actions for security issues☆73Updated 3 weeks ago
- Security Auditor Utility for GraphQL APIs☆470Updated 3 months ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆169Updated 4 months ago
- 🔍A cutting edge context aware GraphQL API fuzzing tool!☆141Updated this week
- jxscout superpowers JavaScript analysis for security researchers☆141Updated last week
- GQLSpection - parses GraphQL introspection schema and generates possible queries☆87Updated 3 months ago
- A recon tool that uses ML to predict subdomains. Then returns those that resolve.☆91Updated last month
- ☆68Updated 4 months ago
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆639Updated last month
- Octoscan is a static vulnerability scanner for GitHub action workflows.☆210Updated last month
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆119Updated 2 months ago
- ☆204Updated last year
- CodeSec by Contrast - The fastest and most accurate SAST scanner. Scan code and serverless environments☆19Updated last year
- Chrome extension for automating CSPT discovery☆84Updated last month
- FrogPost: postMessage Security Testing Tool☆80Updated 3 weeks ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆218Updated last month
- A web CTF for training developers in bug hunting and secure coding!☆99Updated 4 months ago
- GraphQL automated security testing toolkit☆318Updated last year
- Vulnerability Scan with Nuclei☆254Updated 6 months ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated 2 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆105Updated 4 months ago
- OWASP Foundation Web Respository☆20Updated 2 months ago