omar2535 / GraphQLer
πA cutting edge context aware GraphQL API fuzzing tool!
β133Updated this week
Alternatives and similar repositories for GraphQLer:
Users that are interested in GraphQLer are comparing it to the libraries listed below
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application aβ¦β156Updated 3 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagramsβ101Updated 3 weeks ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).β104Updated last month
- Create notes during a security code review in VSCode π Import your favorite SAST tool findings π οΈ and collaborate with others π€β132Updated last year
- β55Updated 2 months ago
- Nuclei plugins to audit Chrome extensionsβ63Updated 7 months ago
- A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discoveryβ204Updated 2 months ago
- Chrome extension for automating CSPT discoveryβ55Updated 4 months ago
- A research project to add some brrrrrr to Burpβ127Updated last week
- truffleproc β hunt secrets in process memory (TruffleHog & gdb mashup)β114Updated last year
- boostsecurityio/lotpβ112Updated this week
- A web CTF for training developers in bug hunting and secure coding!β93Updated last month
- A recon tool that uses ML to predict subdomains. Then returns those that resolve.β49Updated last month
- A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representatiβ¦β85Updated last year
- Manager of third-party sources of Semgrep rules πβ78Updated 7 months ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive filesβ216Updated last month
- tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such β¦β214Updated 2 weeks ago
- Simple PoC for demonstrating Race Conditions on Websocketsβ56Updated last year
- β109Updated last year
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.β167Updated 2 weeks ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.β256Updated 7 months ago
- A GraphQL enumeration and extraction toolβ130Updated 2 years ago
- A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom.β63Updated last year
- β83Updated 8 months ago
- Finds graphql queries in javascript filesβ57Updated 9 months ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokensβ152Updated 2 months ago
- yataf extracts secrets and paths from files or urls - its best used against javascript filesβ51Updated 5 months ago
- β164Updated 4 months ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.β122Updated 7 months ago