Alternatives and similar repositories for poc-graphql:

Users that are interested in poc-graphql are comparing it to the libraries listed below

• assetnote / batchql
  GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
  ☆372Updated 2 years ago
• lc / secretz
  secretz, minimizing the large attack surface of Travis CI
  ☆325Updated 2 years ago
• daeken / SSRFTest
  SSRF testing tool
  ☆243Updated 2 years ago
• teknogeek / ssrf-sheriff
  A simple SSRF-testing sheriff written in Go
  ☆322Updated 2 months ago
• fcavallarin / domdig
  DOM XSS scanner for Single Page Applications
  ☆400Updated 6 months ago
• dolevf / graphw00f
  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…
  ☆596Updated 2 months ago
• nicholasaleks / graphql-threat-matrix
  GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations
  ☆300Updated last year
• daeken / httprebind
  Automatic tool for DNS rebinding-based SSRF attacks
  ☆295Updated 4 years ago
• Regala / burp-scope-monitor
  Burp Suite Extension to monitor new scope
  ☆197Updated 3 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆172Updated 2 years ago
• fransr / template-generator
  A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep…
  ☆252Updated last year
• LewisArdern / bXSS
  bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
  ☆522Updated last year
• fransr / bountyplz
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆448Updated 5 years ago
• szski / shapeshifter
  GraphQL security testing tool
  ☆120Updated 2 years ago
• ameenmaali / qsfuzz
  qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
  ☆297Updated last year
• tomdev / teh_s3_bucketeers
  ☆273Updated 3 years ago
• Static-Flow / gofingerprint
  GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…
  ☆201Updated last year
• NotSoSecure / cloud-service-enum
  ☆238Updated 7 months ago
• benso-io / posta
  🐙 Cross-document messaging security research tool powered by https://enso.security
  ☆284Updated last year
• doyensec / burpdeveltraining
  Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
  ☆349Updated 4 years ago
• makuga01 / dnsFookup
  DNS rebinding toolkit
  ☆251Updated last year
• dolevf / graphql-cop
  Security Auditor Utility for GraphQL APIs
  ☆409Updated this week
• assetnote / commonspeak2-wordlists
  Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.
  ☆524Updated 6 years ago
• mazen160 / xless
  The Serverless Blind XSS App
  ☆334Updated 10 months ago
• mazen160 / jwt-pwn
  Security Testing Scripts for JWT
  ☆310Updated 2 years ago
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆188Updated 5 months ago
• dark-warlord14 / ffufplus
  You can read the writeup on this script here
  ☆191Updated 3 years ago
• andresriancho / mongo-objectid-predict
  Predict Mongo ObjectIds
  ☆127Updated 6 years ago
• bayotop / off-by-slash
  Burp extension to detect alias traversal via NGINX misconfiguration at scale.
  ☆256Updated 3 years ago
• msrkp / PPScan
  Client Side Prototype Pollution Scanner
  ☆510Updated 2 years ago