Alternatives and similar repositories for poc-graphql

Users that are interested in poc-graphql are comparing it to the libraries listed below

• assetnote / batchql
  GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
  ☆404Updated 3 years ago
• teknogeek / ssrf-sheriff
  A simple SSRF-testing sheriff written in Go
  ☆336Updated last year
• lc / secretz
  secretz, minimizing the large attack surface of Travis CI
  ☆325Updated 3 years ago
• daeken / httprebind
  Automatic tool for DNS rebinding-based SSRF attacks
  ☆304Updated 5 years ago
• daeken / SSRFTest
  SSRF testing tool
  ☆246Updated 3 years ago
• fcavallarin / domdig
  DOM XSS scanner for Single Page Applications
  ☆417Updated 2 months ago
• BishopFox / json-interop-vuln-labs
  Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"
  ☆211Updated 2 years ago
• szski / shapeshifter
  GraphQL security testing tool
  ☆126Updated 3 years ago
• mazen160 / jwt-pwn
  Security Testing Scripts for JWT
  ☆327Updated 3 years ago
• andresriancho / mongo-objectid-predict
  Predict Mongo ObjectIds
  ☆151Updated 7 years ago
• Regala / burp-scope-monitor
  Burp Suite Extension to monitor new scope
  ☆200Updated 4 years ago
• ameenmaali / qsfuzz
  qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
  ☆302Updated 2 years ago
• LewisArdern / bXSS
  bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
  ☆564Updated 2 years ago
• doyensec / burpdeveltraining
  Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
  ☆358Updated 5 years ago
• cablej / FileChangeMonitor
  Continuous monitoring for JavaScript files
  ☆225Updated 6 years ago
• devoteam-cybertrust / burpcollaborator-docker
  This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…
  ☆294Updated last year
• makuga01 / dnsFookup
  DNS rebinding toolkit
  ☆255Updated 2 years ago
• softwaresecured / secure-code-review-checklist
  A starter secure code review checklist
  ☆184Updated 7 years ago
• lc / theftfuzzer
  TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
  ☆317Updated 2 years ago
• bayotop / off-by-slash
  Burp extension to detect alias traversal via NGINX misconfiguration at scale.
  ☆265Updated 4 years ago
• jobertabma / transformations
  ☆173Updated 3 years ago
• wisec / domxsswiki
  Automatically exported from code.google.com/p/domxsswiki
  ☆546Updated 7 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆185Updated 3 years ago
• TheHackerDev / race-the-web
  Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
  ☆627Updated 3 years ago
• defparam / h1passets
  List HackerOne private program assets
  ☆154Updated 4 years ago
• TyrantSec / Fuzzing
  Fuzzing Payloads to Assist in Web Application Testing.
  ☆167Updated 6 years ago
• Fuzzapi / API-fuzzer
  API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities
  ☆406Updated 8 years ago
• benso-io / posta
  🐙 Cross-document messaging security research tool powered by https://enso.security
  ☆301Updated 2 years ago
• d0nutptr / sic
  A tool to perform Sequential Import Chaining
  ☆283Updated 6 years ago
• Static-Flow / gofingerprint
  GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…
  ☆207Updated 2 years ago