omar2535 / GraphQLer
πA cutting edge context aware GraphQL API fuzzing tool!
β126Updated this week
Related projects β
Alternatives and complementary repositories for GraphQLer
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).β84Updated last month
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application aβ¦β155Updated last week
- boostsecurityio/lotpβ101Updated 7 months ago
- β40Updated last month
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagramsβ98Updated 9 months ago
- Nuclei plugins to audit Chrome extensionsβ64Updated 4 months ago
- Chrome extension for automating CSPT discoveryβ49Updated last month
- Check subdomains for subdomain takeovers and other DNS tomfooleryβ105Updated this week
- Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targetsβ181Updated this week
- Create notes during a security code review in VSCode π Import your favorite SAST tool findings π οΈ and collaborate with others π€β131Updated last year
- truffleproc β hunt secrets in process memory (TruffleHog & gdb mashup)β110Updated last year
- Octoscan is a static vulnerability scanner for GitHub action workflows.β171Updated last week
- A GraphQL enumeration and extraction toolβ128Updated last year
- Simple PoC for demonstrating Race Conditions on Websocketsβ56Updated last year
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokensβ141Updated last month
- gRPC-Web Pentesting Suite + Burp Suite Extensionβ166Updated 4 months ago
- A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representatiβ¦β85Updated last year
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to β¦β118Updated 7 months ago
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbiβ¦β207Updated 2 months ago
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find entβ¦β117Updated 2 years ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive filesβ196Updated last month
- Tools to assess DNS security.β148Updated 8 months ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raiderβ138Updated 3 years ago
- swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.β54Updated last year
- β115Updated last year
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently β¦β253Updated last week
- GitHub Attack Toolkit - Extreme Editionβ196Updated this week
- Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scenaβ¦β138Updated 2 months ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.β39Updated 11 months ago
- Manager of third-party sources of Semgrep rules πβ76Updated 4 months ago