Canada

Dolev Farhi

Elite
@dolevf

Damn-Vulnerable-GraphQL-Application. Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.

1.7k

graphw00f. graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

862

graphql-cop. Security Auditor Utility for GraphQL APIs

673

Black-Hat-Bash. The Black Hat Bash book repository

391

Black-Hat-GraphQL. The Black Hat GraphQL Book Repository

286

Open-Policy-Agent-Alfred. Reasonably Usable Self-hosted Version of OPA's Playground

37

nmap-graphql-introspection-nse. NSE Script for GraphQL Introspection Check

25

Pentest-Ansible. Ansible playbooks for Penetration Testing tooling installation

8

OWASP-VWAD. The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

3

bottle-acl-openpolicyagent. Add Authorization to Python's Bottle Framework with Open Policy Agent

3

apache-flink-directory-traversal.nse. Apache Flink Directory Traversal (CVE-2020-17519) Nmap NSE Script

3

dolevf.

3

graphql-server. This is the core package for using GraphQL in a custom server easily

2

CVE-2020-9483. PoC of SQL Injection vul(CVE-2020-9483,Apache SkyWalking)

2

nmap-http-403-bypass-nse. Nmap NSE implementation of byp4xx.sh

2

security-disclosures. Python

2

flask-sockets. Elegant WebSockets for your Flask apps.

1

graphql-threat-matrix. GraphQL attack vector framework used by security professionals to research security gaps in GraphQL implementations

1

nuclei-templates. Community curated list of templates for the nuclei engine to find security vulnerabilities.

1

jupyterlab. JupyterLab computational environment.

1

awesome-opa. A curated list of OPA related tools, frameworks and articles

1

nerve. NERVE Continuous Vulnerability Scanner

1

airflow. Apache Airflow - A platform to programmatically author, schedule, and monitor workflows

1

Public-AMI-Scanner. Scans Public AWS AMIs

1

opa. An open source, general-purpose policy engine.

1

presentations.

1
26
Apply