ivision-research / vulnerable-graphql-api
A very vulnerable implementation of a GraphQL API.
☆57Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for vulnerable-graphql-api
- Performing automated scan using Burp Suite Pro & Vmware Burp Rest API☆49Updated 2 years ago
- AWS Security Checks☆36Updated 6 years ago
- This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)☆42Updated last year
- ☆22Updated 2 years ago
- A command-line tool for Cross-Site WebSocket Hijacking☆39Updated last year
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆74Updated 2 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆29Updated 2 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 3 years ago
- part of my wordlist to bruteforce DNS to find subdoamains.☆62Updated 3 years ago
- Regex patterns for manual application source code review☆25Updated 3 years ago
- Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops☆42Updated 9 months ago
- Lab that will help you to understand how type juggling vulnerability works.☆22Updated 4 years ago
- Go fish for AWS EIPs☆46Updated 3 years ago
- ☆57Updated 4 months ago
- Manual JavaScript Linting is a Bug☆49Updated 3 years ago
- Takeover AWS ips and have a working POC for Subdomain Takeover.☆89Updated 8 months ago
- Source for Pentester Land☆31Updated 2 years ago
- Deploy a Private Burpsuite Collaborator using boto3 Python Library☆57Updated 4 years ago
- ☆47Updated 5 months ago
- commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …☆38Updated 3 years ago
- ☆0Updated 4 years ago
- Slide Decks and Supporting Content of talks given for Bugcrowd☆16Updated 4 years ago
- Target practice for ffuf☆59Updated 3 years ago
- Tool for making it easy to collect dns results from the CLI☆39Updated 3 months ago
- a tool that compiles a csv of all h1 program stats☆46Updated last year
- Get all possible href | src | url from target url or domain☆41Updated 4 years ago
- Add headers to all Burp requests to bypass some WAF products☆37Updated 11 months ago
- Damn Vulnerable WordPress Site☆50Updated last year
- Parse OpenAPI specifications, previously known as Swagger specifications, into the BurpSuite for automating RESTful API testing – approve…☆42Updated 9 months ago
- ☆47Updated 3 years ago