Alternatives and similar repositories for CrackQL

Users that are interested in CrackQL are comparing it to the libraries listed below

• nicholasaleks / graphql-threat-matrix
  GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations
  ☆323Updated 3 months ago
• gsmith257-cyber / GraphCrawler
  GraphQL automated security testing toolkit
  ☆327Updated last year
• dolevf / graphw00f
  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…
  ☆687Updated 4 months ago
• PalindromeLabs / STEWS
  A Security Tool for Enumerating WebSockets
  ☆362Updated 3 years ago
• daffainfo / all-about-apikey
  Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)
  ☆285Updated 2 years ago
• swoops / eval_villain
  A Firefox Web Extension to improve the discovery of DOM XSS.
  ☆279Updated 11 months ago
• MayankPandey01 / Jira-Lens
  Fast and customizable vulnerability scanner For JIRA written in Python
  ☆344Updated 9 months ago
• dolevf / graphql-cop
  Security Auditor Utility for GraphQL APIs
  ☆536Updated 8 months ago
• Escape-Technologies / graphql-wordlist
  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
  ☆409Updated 2 years ago
• assetnote / surf
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆683Updated last year
• honoki / bbrf-server
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆321Updated 3 months ago
• Th0h0 / autossrf
  Smart context-based SSRF vulnerability scanner.
  ☆357Updated 3 years ago
• musana / mx-takeover
  mx-takeover focuses DNS MX records and detects misconfigured MX records.
  ☆357Updated 2 years ago
• hakluke / bug-bounty-standards
  A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way t…
  ☆235Updated 3 years ago
• mlcsec / headi
  Customisable and automated HTTP header injection
  ☆267Updated last year
• hakluke / hakip2host
  hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.
  ☆452Updated 3 years ago
• carlospolop / fuzzhttpbypass
  This tool use fuuzzing to try to bypass unknown authentication methods, who knows...
  ☆254Updated last year
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆195Updated last year
• lauritzh / domscan
  Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.
  ☆248Updated 8 months ago
• cramppet / regulator
  Automated learning of regexes for DNS discovery
  ☆373Updated 2 years ago
• PalindromeLabs / awesome-websocket-security
  Awesome information for WebSockets security research
  ☆276Updated 3 years ago
• osmedeus / osmedeus-base
  Build your own reconnaissance system with Osmedeus Next Generation
  ☆199Updated 2 months ago
• daffainfo / match-replace-burp
  Useful "Match and Replace" burpsuite rules
  ☆351Updated 2 years ago
• jhaddix / awsScrape
  A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.
  ☆235Updated last year
• x1337loser / Dependency-Confusion
  All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)
  ☆301Updated last year
• intruder-io / guidtool
  A tool to inspect and attack version 1 GUIDs
  ☆238Updated 3 years ago
• iustin24 / chameleon
  ☆382Updated 2 years ago
• Escape-Technologies / graphinder
  🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️
  ☆222Updated 2 years ago
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆219Updated 3 years ago
• ngalongc / AuthzAI
  ☆183Updated last year