omar2535 / GraphQLerLinks
πA cutting edge context aware GraphQL API fuzzing tool!
β156Updated last week
Alternatives and similar repositories for GraphQLer
Users that are interested in GraphQLer are comparing it to the libraries listed below
Sorting:
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application aβ¦β164Updated 2 months ago
- FrogPost: postMessage Security Testing Toolβ105Updated 3 weeks ago
- Create notes during a security code review in VSCode π Import your favorite SAST tool findings π οΈ and collaborate with others π€β140Updated last month
- A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representatiβ¦β91Updated 2 years ago
- Nuclei plugins to audit Chrome extensionsβ65Updated last year
- β94Updated last week
- boostsecurityio/lotpβ138Updated 2 months ago
- A research project to add some brrrrrr to Burpβ196Updated 10 months ago
- tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such β¦β235Updated 10 months ago
- Burp Suite extension for testing Passkey systems.β75Updated 8 months ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).β150Updated 8 months ago
- truffleproc β hunt secrets in process memory (TruffleHog & gdb mashup)β120Updated 2 years ago
- Manager of third-party sources of Semgrep rules πβ92Updated last year
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.β42Updated 2 years ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive filesβ228Updated last month
- QRFuzz, a fuzzing toolkit to test malicious QR Codes in mobile applicationsβ46Updated last year
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokensβ164Updated last year
- β101Updated last month
- A Burp Suite extension for analyzing Next.js Server Actions - server-side functions identified by hash IDs and `Next-Action` headers.β39Updated 4 months ago
- πΈοΈ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. πΈοΈβ225Updated 2 years ago
- Simple PoC for demonstrating Race Conditions on Websocketsβ55Updated 2 years ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalationβ110Updated last year
- WebSocket REPL for pentestersβ230Updated last year
- Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty in WebSocketβ83Updated 3 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.β280Updated 3 months ago
- A web CTF for training developers in bug hunting and secure coding!β101Updated 11 months ago
- β114Updated 2 years ago
- Prototype of Full Agentic Application Security Testing, FAAST = SAST + DAST + LLM agentsβ67Updated 7 months ago
- β116Updated 2 years ago
- Token Tailor is a Burp Suite Community Edition extension that aims to simplify security testing by automating JWT renewal.β35Updated 2 months ago