righettod / poc-graphqlLinks
Research on GraphQL from an AppSec point of view.
☆415Updated 2 years ago
Alternatives and similar repositories for poc-graphql
Users that are interested in poc-graphql are comparing it to the libraries listed below
Sorting:
- A simple SSRF-testing sheriff written in Go☆327Updated 7 months ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆386Updated 2 years ago
- secretz, minimizing the large attack surface of Travis CI☆325Updated 3 years ago
- SSRF testing tool☆244Updated 2 years ago
- Burp Suite Extension to monitor new scope☆198Updated 4 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆301Updated 2 years ago
- ☆250Updated 11 months ago
- Automatic tool for DNS rebinding-based SSRF attacks☆303Updated 4 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆259Updated 3 years ago
- ☆173Updated 2 years ago
- Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)☆455Updated 6 years ago
- Continuous monitoring for JavaScript files☆220Updated 5 years ago
- GraphQL security testing tool☆122Updated 3 years ago
- Fuzzing Payloads to Assist in Web Application Testing.☆166Updated 6 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆353Updated 4 years ago
- GraphQL security workshop labs☆111Updated last month
- DOM XSS scanner for Single Page Applications☆411Updated 2 months ago
- Tool for catching and logging different types of requests.☆220Updated 4 years ago
- Predict Mongo ObjectIds☆135Updated 7 years ago
- A curated list of amazingly bug bounty tips from security researchers around the world.☆105Updated 6 years ago
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…☆203Updated last year
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆259Updated 2 years ago
- bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.☆539Updated 2 years ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆316Updated last year
- Client Side Prototype Pollution Scanner☆519Updated 2 years ago
- DNS rebinding toolkit☆253Updated 2 years ago
- The Bug Bounty Wiki☆172Updated 6 years ago
- You can read the writeup on this script here☆193Updated 3 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆176Updated 2 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆276Updated 4 years ago