righettod / poc-graphqlLinks
Research on GraphQL from an AppSec point of view.
☆415Updated 2 years ago
Alternatives and similar repositories for poc-graphql
Users that are interested in poc-graphql are comparing it to the libraries listed below
Sorting:
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆392Updated 2 years ago
- A simple SSRF-testing sheriff written in Go☆327Updated 9 months ago
- secretz, minimizing the large attack surface of Travis CI☆327Updated 3 years ago
- Security Testing Scripts for JWT☆316Updated 3 years ago
- DOM XSS scanner for Single Page Applications☆415Updated 2 months ago
- Automatic tool for DNS rebinding-based SSRF attacks☆304Updated 5 years ago
- SSRF testing tool☆246Updated 2 years ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆209Updated 2 years ago
- Burp Suite Extension to monitor new scope☆199Updated 4 years ago
- bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.☆543Updated 2 years ago
- Continuous monitoring for JavaScript files☆225Updated 5 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆302Updated 2 years ago
- Fuzzing Payloads to Assist in Web Application Testing.☆166Updated 6 years ago
- DNS rebinding toolkit☆253Updated 2 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆356Updated 4 years ago
- A starter secure code review checklist☆182Updated 6 years ago
- Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)☆459Updated 6 years ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆289Updated 7 months ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆181Updated 2 years ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆399Updated 8 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆316Updated 2 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆263Updated 3 years ago
- Predict Mongo ObjectIds☆145Updated 7 years ago
- A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep…☆254Updated 2 years ago
- ☆257Updated last year
- GraphQL security testing tool☆124Updated 3 years ago
- The Bug Bounty Wiki☆172Updated 6 years ago
- ☆173Updated 2 years ago
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…☆203Updated 2 years ago
- Tool for catching and logging different types of requests.☆220Updated 4 years ago