Alternatives and similar repositories for graphql-threat-matrix

Users that are interested in graphql-threat-matrix are comparing it to the libraries listed below

• dolevf / graphw00f
  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…
  ☆791Updated 6 months ago
• dolevf / graphql-cop
  Security Auditor Utility for GraphQL APIs
  ☆581Updated last month
• nicholasaleks / CrackQL
  CrackQL is a GraphQL password brute-force and fuzzing utility.
  ☆343Updated last year
• Escape-Technologies / graphql-wordlist
  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
  ☆452Updated 2 years ago
• gsmith257-cyber / GraphCrawler
  GraphQL automated security testing toolkit
  ☆332Updated last year
• assetnote / surf
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆734Updated 2 years ago
• assetnote / batchql
  GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
  ☆402Updated 3 years ago
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆205Updated last year
• BishopFox / sj
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆711Updated last month
• ngalongc / AuthzAI
  ☆182Updated last year
• Escape-Technologies / graphinder
  🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️
  ☆226Updated 2 years ago
• doyensec / GQLSpection
  GQLSpection - parses GraphQL introspection schema and generates possible queries
  ☆97Updated 9 months ago
• PalindromeLabs / awesome-websocket-security
  Awesome information for WebSockets security research
  ☆296Updated 3 years ago
• g0ldencybersec / CloudRecon
  ☆514Updated last year
• doyensec / CSPTPlayground
  CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).
  ☆150Updated 9 months ago
• PortSwigger / bambdas
  Bambdas collection for Burp Suite Professional and Community.
  ☆468Updated 2 weeks ago
• bebiksior / EvenBetter
  EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎
  ☆160Updated 2 months ago
• w9w / JSA
  Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
  ☆558Updated 9 months ago
• honoki / bbrf-server
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆325Updated 5 months ago
• PalindromeLabs / STEWS
  A Security Tool for Enumerating WebSockets
  ☆363Updated 3 years ago
• francisconeves97 / jxscout
  jxscout superpowers JavaScript analysis for security researchers
  ☆327Updated 3 months ago
• intruder-io / guidtool
  A tool to inspect and attack version 1 GUIDs
  ☆239Updated 3 years ago
• trufflesecurity / xsshunter
  ☆531Updated last month
• cramppet / regulator
  Automated learning of regexes for DNS discovery
  ☆383Updated 2 years ago
• mschwager / route-detect
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆280Updated 3 months ago
• g0ldencybersec / gungnir
  CT Log Scanner
  ☆492Updated last week
• trufflesecurity / of-CORS
  ☆154Updated 2 years ago
• 0xDexter0us / Scavenger
  Burp extension to create target specific and tailored wordlist from burp history.
  ☆254Updated 4 years ago
• nxenon / grpc-pentest-suite
  gRPC-Web Pentesting Suite + Burp Suite Extension / Hack gRPC-Web Applications (Official BApp Extension Available)
  ☆243Updated 2 months ago
• AethliosIK / reset-tolkien
  Unsecure time-based secret exploitation and Sandwich attack implementation Resources
  ☆151Updated last year