Damn-Vulnerable-GraphQL-Application. Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
1.7kgraphw00f. graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
862graphql-cop. Security Auditor Utility for GraphQL APIs
673Black-Hat-Bash. The Black Hat Bash book repository
391Black-Hat-GraphQL. The Black Hat GraphQL Book Repository
286Open-Policy-Agent-Alfred. Reasonably Usable Self-hosted Version of OPA's Playground
37nmap-graphql-introspection-nse. NSE Script for GraphQL Introspection Check
25Pentest-Ansible. Ansible playbooks for Penetration Testing tooling installation
8OWASP-VWAD. The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
3bottle-acl-openpolicyagent. Add Authorization to Python's Bottle Framework with Open Policy Agent
3apache-flink-directory-traversal.nse. Apache Flink Directory Traversal (CVE-2020-17519) Nmap NSE Script
3dolevf.
3graphql-server. This is the core package for using GraphQL in a custom server easily
2CVE-2020-9483. PoC of SQL Injection vul(CVE-2020-9483,Apache SkyWalking)
2nmap-http-403-bypass-nse. Nmap NSE implementation of byp4xx.sh
2security-disclosures. Python
2flask-sockets. Elegant WebSockets for your Flask apps.
1graphql-threat-matrix. GraphQL attack vector framework used by security professionals to research security gaps in GraphQL implementations
1nuclei-templates. Community curated list of templates for the nuclei engine to find security vulnerabilities.
1jupyterlab. JupyterLab computational environment.
1awesome-opa. A curated list of OPA related tools, frameworks and articles
1nerve. NERVE Continuous Vulnerability Scanner
1airflow. Apache Airflow - A platform to programmatically author, schedule, and monitor workflows
1Public-AMI-Scanner. Scans Public AWS AMIs
1opa. An open source, general-purpose policy engine.
1presentations.
1