assetnote / batchql
GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
☆361Updated last year
Related projects: ⓘ
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆542Updated last week
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆351Updated 2 years ago
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆274Updated 9 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆182Updated last month
- Security Auditor Utility for GraphQL APIs☆346Updated last week
- DOM XSS scanner for Single Page Applications☆394Updated 2 months ago
- Rust-based high performance domain permutation generator.☆268Updated 9 months ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆287Updated last year
- Unofficial documentation for the great tool Param Miner☆169Updated 2 years ago
- GraphQL automated security testing toolkit☆296Updated 6 months ago
- Prototype pollution scanner using headless chrome☆196Updated 2 years ago
- ☆157Updated this week
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆258Updated last year
- Automated learning of regexes for DNS discovery☆350Updated last year
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆318Updated 11 months ago
- ☆221Updated 3 months ago
- Fleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.☆242Updated 3 weeks ago
- ☆207Updated this week
- Burp extension to create target specific and tailored wordlist from burp history.☆228Updated 2 years ago
- ☆143Updated last year
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆287Updated last year
- Client Side Prototype Pollution Scanner☆507Updated 2 years ago
- ☆165Updated 3 years ago
- Gotator is a tool to generate DNS wordlists through permutations.☆445Updated 2 years ago
- 🐙 Cross-document messaging security research tool powered by https://enso.security☆277Updated last year
- GraphQL security workshop labs☆100Updated 2 months ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆295Updated last year
- ☆173Updated this week
- GQLSpection - parses GraphQL introspection schema and generates possible queries☆67Updated 2 months ago
- ☆385Updated 3 years ago