nicholasaleks / CrackQL
CrackQL is a GraphQL password brute-force and fuzzing utility.
☆324Updated 6 months ago
Alternatives and similar repositories for CrackQL:
Users that are interested in CrackQL are comparing it to the libraries listed below
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆603Updated 2 months ago
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆302Updated last year
- Security Auditor Utility for GraphQL APIs☆425Updated this week
- GraphQL automated security testing toolkit☆311Updated last year
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆352Updated last year
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆622Updated last year
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆189Updated 6 months ago
- Gotator is a tool to generate DNS wordlists through permutations.☆465Updated 2 years ago
- 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️☆208Updated last year
- A Security Tool for Enumerating WebSockets☆343Updated 3 years ago
- Automated learning of regexes for DNS discovery☆363Updated 2 years ago
- Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.☆234Updated last week
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆348Updated this week
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows☆280Updated last year
- De-clutter a list of URLs☆321Updated 3 months ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆318Updated last month
- An Automated Subdomain Enumeration Tool☆253Updated 4 months ago
- Vulnerability Scan with Nuclei☆249Updated 3 months ago
- Smart context-based SSRF vulnerability scanner.☆347Updated 2 years ago
- Discover new target domains using Content Security Policy☆394Updated this week
- Crtsh Subdomain Enumeration | This bash script makes it easy to quickly save and parse the output from https://crt.sh website.☆205Updated 5 months ago
- Build your own reconnaissance system with Osmedeus Next Generation☆183Updated 2 weeks ago
- This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.☆239Updated last year
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆382Updated last year
- mx-takeover focuses DNS MX records and detects misconfigured MX records.☆346Updated last year
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆167Updated 2 weeks ago
- Customisable and automated HTTP header injection☆243Updated 7 months ago
- Local File Inclusion discovery and exploitation tool☆273Updated last month
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆585Updated 3 months ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆351Updated last year