forcesunseen/graphquail external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

forcesunseen/graphquail

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/forcesunseen/graphquail)

Close

forcesunseen / graphquailView on GitHubMore

• External links
• Readme badge

Burp Suite extension that offers a toolkit for testing GraphQL endpoints.

☆203Aug 5, 2024Updated last year

Alternatives and similar repositories for graphquail

Users that are interested in graphquail are comparing it to the libraries listed below

• nikitastupin / clairvoyance

  View on GitHub
  Obtain GraphQL API schema even if the introspection is disabled
  ☆1,396Dec 5, 2025Updated 2 months ago
• Escape-Technologies / graphql-wordlist

  View on GitHub
  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
  ☆456Oct 3, 2023Updated 2 years ago
• xnl-h4ck3r / LookMark

  View on GitHub
  A browser bookmark to show hidden fields and enable disabled fields on a web page
  ☆20Oct 29, 2023Updated 2 years ago
• random-robbie / wayback-saver

  View on GitHub
  Saves pages to Wayback machine
  ☆12Dec 2, 2024Updated last year
• midoxnet / mapperplus

  View on GitHub
  MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
  ☆286Oct 5, 2024Updated last year
• bitquark / shortscan

  View on GitHub
  An IIS short filename enumeration tool
  ☆1,126Nov 25, 2024Updated last year
• xnl-h4ck3r / GAP-Burp-Extension

  View on GitHub
  Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
  ☆1,497Jan 8, 2026Updated last month
• yavolo / eventlistener-xss-recon

  View on GitHub
  ☆148Dec 23, 2022Updated 3 years ago
• doyensec / GQLSpection

  View on GitHub
  GQLSpection - parses GraphQL introspection schema and generates possible queries
  ☆99Mar 6, 2025Updated 11 months ago
• Escape-Technologies / graphinder

  View on GitHub
  🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️
  ☆227May 22, 2023Updated 2 years ago
• optiv / mobile-nuclei-templates

  View on GitHub
  ☆436Jun 1, 2021Updated 4 years ago
• dolevf / graphw00f

  View on GitHub
  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…
  ☆814Jun 9, 2025Updated 8 months ago
• intruder-io / guidtool

  View on GitHub
  A tool to inspect and attack version 1 GUIDs
  ☆238Oct 13, 2022Updated 3 years ago
• BishopFox / jsluice

  View on GitHub
  Extract URLs, paths, secrets, and other interesting bits from JavaScript
  ☆1,771May 22, 2024Updated last year
• 0xacb / recollapse

  View on GitHub
  REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
  ☆1,294Aug 7, 2025Updated 6 months ago
• ferreiraklet / Jeeves

  View on GitHub
  Jeeves SQLI Finder
  ☆215May 13, 2022Updated 3 years ago
• nicholasaleks / CrackQL

  View on GitHub
  CrackQL is a GraphQL password brute-force and fuzzing utility.
  ☆345Aug 3, 2024Updated last year
• xm1k3 / cent

  View on GitHub
  Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…
  ☆1,039Aug 23, 2025Updated 6 months ago
• gwen001 / gitlab-subdomains

  View on GitHub
  Find subdomains on GitLab.
  ☆107Apr 28, 2024Updated last year
• assetnote / batchql

  View on GitHub
  GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
  ☆406Dec 24, 2022Updated 3 years ago
• devanshbatham / heaptruffle

  View on GitHub
  Mine URLs from Browser's Heap Snapshot for fun and profit
  ☆64Aug 9, 2023Updated 2 years ago
• xnl-h4ck3r / urless

  View on GitHub
  De-clutter a list of URLs
  ☆386Feb 3, 2026Updated last month
• nccgroup / jwt-reauth

  View on GitHub
  ☆105Jan 3, 2023Updated 3 years ago
• nikitastupin / param-miner-doc

  View on GitHub
  Unofficial documentation for the great tool Param Miner
  ☆183Aug 21, 2022Updated 3 years ago
• Brum3ns / firefly

  View on GitHub
  Black box fuzzer for web applications
  ☆437Jul 20, 2025Updated 7 months ago
• ACK-J / postMessage-tracker-firefox

  View on GitHub
  A Firefox Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆27Dec 9, 2024Updated last year
• assetnote / surf

  View on GitHub
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆753Dec 19, 2023Updated 2 years ago
• dolevf / graphql-cop

  View on GitHub
  Security Auditor Utility for GraphQL APIs
  ☆604Nov 20, 2025Updated 3 months ago
• gwen001 / related-domains

  View on GitHub
  Find related domains of a given domain.
  ☆104Aug 5, 2023Updated 2 years ago
• akabe1 / OAUTHScan

  View on GitHub
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆175Oct 26, 2024Updated last year
• buggysolid / bugbounty-wordlist

  View on GitHub
  Real world bug bounty wordlists
  ☆116Jul 20, 2023Updated 2 years ago
• adanalvarez / SimpleAutoBurp

  View on GitHub
  Python script to launch burp scans automatically
  ☆32Jul 18, 2021Updated 4 years ago
• iangcarroll / cookiemonster

  View on GitHub
  🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
  ☆967Jan 10, 2025Updated last year
• root-tanishq / userefuzz

  View on GitHub
  User-Agent , X-Forwarded-For and Referer SQLI Fuzzer
  ☆382May 19, 2023Updated 2 years ago
• ethicalhackingplayground / pathbuster

  View on GitHub
  A path-normalization pentesting tool.
  ☆151Jan 22, 2026Updated last month
• dillonfranke / protoburp

  View on GitHub
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆36Mar 4, 2025Updated 11 months ago
• nicholasaleks / graphql-threat-matrix

  View on GitHub
  GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations
  ☆350Jul 1, 2025Updated 8 months ago
• wdahlenburg / VhostFinder

  View on GitHub
  Identify virtual hosts by similarity comparison
  ☆137Aug 12, 2024Updated last year
• edoardottt / csprecon

  View on GitHub
  Discover new target domains using Content Security Policy
  ☆505Feb 7, 2026Updated 3 weeks ago