Alternatives and similar repositories for Damn-Vulnerable-GraphQL-Application

Users that are interested in Damn-Vulnerable-GraphQL-Application are comparing it to the libraries listed below

• doyensec / inql
  InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…
  ☆1,642Updated 3 weeks ago
• dolevf / graphw00f
  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…
  ☆647Updated 2 weeks ago
• swisskyrepo / GraphQLmap
  GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
  ☆1,505Updated last year
• nikitastupin / clairvoyance
  Obtain GraphQL API schema even if the introspection is disabled
  ☆1,221Updated 9 months ago
• lutfumertceylan / top25-parameter
  For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
  ☆1,775Updated last year
• yeswehack / PwnFox
  PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.
  ☆1,170Updated 10 months ago
• dolevf / graphql-cop
  Security Auditor Utility for GraphQL APIs
  ☆477Updated 4 months ago
• assetnote / kiterunner
  Contextual Content Discovery Tool
  ☆2,878Updated last year
• nicholasaleks / graphql-threat-matrix
  GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations
  ☆312Updated last month
• ksharinarayanan / SSRFire
  An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
  ☆962Updated 3 years ago
• jdonsec / AllThingsSSRF
  This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
  ☆1,268Updated 4 years ago
• defparam / smuggler
  Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
  ☆1,965Updated last year
• dwisiswant0 / findom-xss
  A fast DOM based XSS vulnerability scanner with simplicity.
  ☆803Updated 2 years ago
• s0md3v / Corsy
  CORS Misconfiguration Scanner
  ☆1,441Updated 2 years ago
• e11i0t4lders0n / Web-Application-Pentest-Checklist
  ☆524Updated 3 years ago
• KathanP19 / JSFScan.sh
  Automation for javascript recon in bug bounty.
  ☆1,006Updated last year
• harsh-bothra / Bheem
  ☆374Updated 3 years ago
• ayoubfathi / leaky-paths
  A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…
  ☆978Updated last year
• GrrrDog / weird_proxies
  Reverse proxies cheatsheet
  ☆1,822Updated last year
• NagliNagli / Shockwave-OSS
  ☆754Updated last year
• punishell / bbtips
  BugBountyTips
  ☆411Updated last month
• zeroc00I / AllVideoPocsFromHackerOne
  This script grab public report from hacker one and make some folders with poc videos
  ☆892Updated this week
• The-XSS-Rat / SecurityTesting
  ☆1,078Updated 2 months ago
• fransr / postMessage-tracker
  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆1,182Updated last year
• BlackFan / client-side-prototype-pollution
  Prototype Pollution and useful Script Gadgets
  ☆1,498Updated last year
• projectdiscovery / public-bugbounty-programs
  Community curated list of public bug bounty and responsible disclosure programs.
  ☆1,175Updated last week
• dwisiswant0 / awesome-oneliner-bugbounty
  A collection of awesome one-liner scripts especially for bug bounty tips.
  ☆2,867Updated 10 months ago
• inonshk / 31-days-of-API-Security-Tips
  This challenge is Inon Shkedy's 31 days API Security Tips.
  ☆2,125Updated 3 years ago
• sh377c0d3 / Payloads
  Payload Arsenal for Pentration Tester and Bug Bounty Hunters
  ☆908Updated 2 years ago
• hackerscrolls / SecurityTips
  ☆1,008Updated 3 years ago