gsmith257-cyber / GraphCrawler
GraphQL automated security testing toolkit
☆296Updated 6 months ago
Related projects: ⓘ
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆540Updated last week
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆318Updated 11 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆182Updated last month
- ☆332Updated 4 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆523Updated 9 months ago
- CrackQL is a GraphQL password brute-force and fuzzing utility.☆308Updated last month
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆287Updated last year
- GQLSpection - parses GraphQL introspection schema and generates possible queries☆67Updated 2 months ago
- ☆384Updated 3 years ago
- Unofficial documentation for the great tool Param Miner☆169Updated 2 years ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆318Updated 7 months ago
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆273Updated 9 months ago
- Automated learning of regexes for DNS discovery☆350Updated last year
- Vulnerability Scan with Nuclei☆238Updated last month
- Scrapts Scrapts Scrapts☆232Updated 5 months ago
- Prototype pollution scanner using headless chrome☆196Updated 2 years ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆467Updated this week
- Discover new target domains using Content Security Policy☆360Updated this week
- Security Auditor Utility for GraphQL APIs☆346Updated last week
- Gotator is a tool to generate DNS wordlists through permutations.☆445Updated 2 years ago
- CT Log Scanner☆241Updated 3 months ago
- Burp extension to create target specific and tailored wordlist from burp history.☆228Updated 2 years ago
- Golang client for querying SecurityTrails API data☆529Updated last year
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆318Updated this week
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆333Updated last week
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆258Updated last year
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆608Updated 5 months ago
- ☆368Updated last year
- A Security Tool for Enumerating WebSockets☆320Updated 2 years ago
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.☆313Updated last year