Alternatives and similar repositories for graphql-threat-matrix

Users that are interested in graphql-threat-matrix are comparing it to the libraries listed below

• dolevf / graphw00f
  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…
  ☆633Updated last month
• dolevf / graphql-cop
  Security Auditor Utility for GraphQL APIs
  ☆456Updated 3 months ago
• nicholasaleks / CrackQL
  CrackQL is a GraphQL password brute-force and fuzzing utility.
  ☆330Updated 9 months ago
• Escape-Technologies / graphql-wordlist
  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
  ☆362Updated last year
• gsmith257-cyber / GraphCrawler
  GraphQL automated security testing toolkit
  ☆316Updated last year
• assetnote / batchql
  GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
  ☆384Updated 2 years ago
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆191Updated 9 months ago
• assetnote / surf
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆637Updated last year
• mschwager / route-detect
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆261Updated 2 months ago
• BishopFox / sj
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆649Updated last month
• ngalongc / AuthzAI
  ☆175Updated 7 months ago
• Escape-Technologies / awesome-graphql-security
  A curated list of awesome GraphQL Security frameworks, libraries, software and resources
  ☆333Updated last year
• doyensec / GQLSpection
  GQLSpection - parses GraphQL introspection schema and generates possible queries
  ☆84Updated 2 months ago
• Escape-Technologies / graphinder
  🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️
  ☆215Updated last year
• 0xDexter0us / Scavenger
  Burp extension to create target specific and tailored wordlist from burp history.
  ☆238Updated 3 years ago
• bebiksior / EvenBetter
  EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎
  ☆146Updated 2 weeks ago
• PalindromeLabs / awesome-websocket-security
  Awesome information for WebSockets security research
  ☆269Updated 3 years ago
• x1337loser / Dependency-Confusion
  All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)
  ☆286Updated last year
• Escape-Technologies / goctopus
  Blazing fast GraphQL discovery & fingerprinting toolbox.
  ☆111Updated last year
• david3107 / graphql-security-labs
  GraphQL security workshop labs
  ☆110Updated 2 weeks ago
• hakluke / bug-bounty-standards
  A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way t…
  ☆231Updated 3 years ago
• yeswehack / pp-finder
  PP-finder Help you find gadget for prototype pollution exploitation
  ☆160Updated 9 months ago
• projectdiscovery / openrisk
  openrisk is a tool that generates a risk score based on the results of a Nuclei scan.
  ☆169Updated 3 months ago
• sysdig / wafer
  ☆201Updated 11 months ago
• AethliosIK / reset-tolkien
  Unsecure time-based secret exploitation and Sandwich attack implementation Resources
  ☆134Updated 5 months ago
• elttam / semgrep-rules
  ☆192Updated 6 months ago
• nikitastupin / clairvoyance
  Obtain GraphQL API schema even if the introspection is disabled
  ☆1,182Updated 7 months ago
• PortSwigger / bambdas
  Bambdas collection for Burp Suite Professional and Community.
  ☆315Updated this week
• Th0h0 / autossrf
  Smart context-based SSRF vulnerability scanner.
  ☆349Updated 3 years ago
• rs-loves-bugs / xsshunter
  ☆171Updated 3 months ago