Alternatives and similar repositories for CrackQL

Users that are interested in CrackQL are comparing it to the libraries listed below

• dolevf / graphw00f
  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…
  ☆628Updated last month
• nicholasaleks / graphql-threat-matrix
  GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations
  ☆306Updated 2 weeks ago
• gsmith257-cyber / GraphCrawler
  GraphQL automated security testing toolkit
  ☆316Updated last year
• assetnote / surf
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆636Updated last year
• dolevf / graphql-cop
  Security Auditor Utility for GraphQL APIs
  ☆456Updated 2 months ago
• Escape-Technologies / graphql-wordlist
  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
  ☆361Updated last year
• 0xDexter0us / Scavenger
  Burp extension to create target specific and tailored wordlist from burp history.
  ☆238Updated 3 years ago
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆190Updated 9 months ago
• cramppet / regulator
  Automated learning of regexes for DNS discovery
  ☆366Updated 2 years ago
• Th0h0 / autossrf
  Smart context-based SSRF vulnerability scanner.
  ☆349Updated 3 years ago
• trufflesecurity / xsshunter
  ☆447Updated 3 months ago
• daffainfo / all-about-apikey
  Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)
  ☆273Updated last year
• Josue87 / gotator
  Gotator is a tool to generate DNS wordlists through permutations.
  ☆477Updated 2 years ago
• hisxo / JSpector
  A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
  ☆360Updated last year
• projectdiscovery / nuclei-action
  Vulnerability Scan with Nuclei
  ☆254Updated 5 months ago
• Escape-Technologies / graphinder
  🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️
  ☆215Updated last year
• BishopFox / sj
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆650Updated 3 weeks ago
• swoops / eval_villain
  A Firefox Web Extension to improve the discovery of DOM XSS.
  ☆271Updated 6 months ago
• kleiton0x00 / ppmap
  A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
  ☆504Updated 2 years ago
• honoki / bbrf-server
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆311Updated 5 months ago
• xnl-h4ck3r / urless
  De-clutter a list of URLs
  ☆339Updated 5 months ago
• projectdiscovery / fuzzing-templates
  Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
  ☆67Updated last year
• hakluke / haktrails
  Golang client for querying SecurityTrails API data
  ☆556Updated last year
• edoardottt / missing-cve-nuclei-templates
  Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…
  ☆374Updated last week
• root-tanishq / userefuzz
  User-Agent , X-Forwarded-For and Referer SQLI Fuzzer
  ☆382Updated last year
• optiv / mobile-nuclei-templates
  ☆407Updated 3 years ago
• osmedeus / osmedeus-base
  Build your own reconnaissance system with Osmedeus Next Generation
  ☆189Updated 3 weeks ago
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆218Updated 2 years ago
• anshumanpattnaik / http-request-smuggling
  HTTP Request Smuggling Detection Tool
  ☆496Updated last year
• hansmach1ne / LFImap
  Local File Inclusion discovery and exploitation tool
  ☆304Updated 4 months ago