nicholasaleks / graphql-threat-matrix

Related projects ⓘ

Alternatives and complementary repositories for graphql-threat-matrix

• dolevf / graphw00f
  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…
  ☆578Updated last month
• dolevf / graphql-cop
  Security Auditor Utility for GraphQL APIs
  ☆383Updated 2 months ago
• assetnote / batchql
  GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
  ☆367Updated last year
• Escape-Technologies / graphql-wordlist
  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
  ☆329Updated last year
• nicholasaleks / CrackQL
  CrackQL is a GraphQL password brute-force and fuzzing utility.
  ☆315Updated 3 months ago
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆185Updated 3 months ago
• assetnote / surf
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆533Updated 11 months ago
• gsmith257-cyber / GraphCrawler
  GraphQL automated security testing toolkit
  ☆302Updated 9 months ago
• BishopFox / sj
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆543Updated this week
• honoki / bbrf-server
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆295Updated this week
• PortSwigger / bambdas
  Bambdas collection for Burp Suite Professional and Community.
  ☆206Updated 3 weeks ago
• 0xDexter0us / Scavenger
  Burp extension to create target specific and tailored wordlist from burp history.
  ☆232Updated 2 years ago
• w9w / JSA
  Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
  ☆400Updated last month
• nikitastupin / param-miner-doc
  Unofficial documentation for the great tool Param Miner
  ☆173Updated 2 years ago
• MayankPandey01 / Jira-Lens
  Fast and customizable vulnerability scanner For JIRA written in Python
  ☆317Updated 9 months ago
• Escape-Technologies / graphinder
  🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️
  ☆193Updated last year
• cramppet / regulator
  Automated learning of regexes for DNS discovery
  ☆358Updated last year
• bebiksior / EvenBetter
  EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎
  ☆134Updated 2 weeks ago
• doyensec / GQLSpection
  GQLSpection - parses GraphQL introspection schema and generates possible queries
  ☆71Updated 4 months ago
• projectdiscovery / nuclei-action
  Vulnerability Scan with Nuclei
  ☆242Updated this week
• g0ldencybersec / gungnir
  CT Log Scanner
  ☆289Updated last month
• ngalongc / AuthzAI
  ☆143Updated last month
• wdahlenburg / interactsh-collaborator
  Burpsuite plugin for Interact.sh
  ☆198Updated 4 months ago
• benso-io / posta
  🐙 Cross-document messaging security research tool powered by https://enso.security
  ☆281Updated last year
• intigriti / misconfig-mapper
  Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…
  ☆390Updated last week
• x1337loser / Dependency-Confusion
  All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)
  ☆273Updated 8 months ago
• resyncgg / ripgen
  Rust-based high performance domain permutation generator.
  ☆275Updated 11 months ago
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆263Updated last year
• trufflesecurity / of-CORS
  ☆146Updated last year
• PalindromeLabs / awesome-websocket-security
  Awesome information for WebSockets security research
  ☆252Updated 2 years ago