righettod / poc-graphqlLinks
Research on GraphQL from an AppSec point of view.
☆416Updated 2 years ago
Alternatives and similar repositories for poc-graphql
Users that are interested in poc-graphql are comparing it to the libraries listed below
Sorting:
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆389Updated 2 years ago
- secretz, minimizing the large attack surface of Travis CI☆327Updated 3 years ago
- A simple SSRF-testing sheriff written in Go☆329Updated 9 months ago
- DOM XSS scanner for Single Page Applications☆417Updated 2 months ago
- SSRF testing tool☆245Updated 2 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆354Updated 4 years ago
- Security Testing Scripts for JWT☆316Updated 3 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆302Updated 2 years ago
- Burp Suite Extension to monitor new scope☆199Updated 4 years ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆209Updated 2 years ago
- GraphQL security testing tool☆123Updated 3 years ago
- Automatic tool for DNS rebinding-based SSRF attacks☆304Updated 4 years ago
- DNS rebinding toolkit☆253Updated 2 years ago
- Fuzzing Payloads to Assist in Web Application Testing.☆166Updated 6 years ago
- Predict Mongo ObjectIds☆145Updated 7 years ago
- Tool for catching and logging different types of requests.☆220Updated 4 years ago
- ☆173Updated 2 years ago
- bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.☆541Updated 2 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆316Updated 2 years ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆318Updated last year
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆288Updated 6 months ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆262Updated 3 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆179Updated 2 years ago
- Continuous monitoring for JavaScript files☆225Updated 5 years ago
- ☆257Updated last year
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…☆203Updated 2 years ago
- A starter secure code review checklist☆182Updated 6 years ago
- A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep…☆254Updated last year
- The Bug Bounty Wiki☆172Updated 6 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆260Updated 2 years ago