Submit your favorite resources for free.

HackDB

Tag

Listing

Pages

Company

GraphQL Cop

GraphQL Cop is a Python utility for running security tests against GraphQL APIs, ideal for CI/CD checks and vulnerability reproduction.

Visit Website Share on X

Visit Website

Introduction

GraphQL Cop is a security auditor utility designed for GraphQL APIs. Written in Python, it's lightweight and focuses on identifying common GraphQL security vulnerabilities. It's particularly useful for integrating into CI/CD pipelines to ensure ongoing security.

Key features include:

Vulnerability Detection: Identifies alias overloading, batch queries, CSRF vulnerabilities, information leaks via tracing/debug modes, field duplication, and more.
Reproducible Findings: Provides cURL commands to reproduce identified vulnerabilities, aiding in verification and remediation.
CI/CD Integration: Ideal for automated security checks in continuous integration and continuous deployment environments.
Customizable Usage: Supports custom headers, proxies (including Tor), and wordlists for tailored scans.
Docker Support: Easy deployment and execution via Docker.

GraphQL Cop targets security engineers, developers, and QA teams looking to automate and enhance the security posture of their GraphQL APIs.

Back

Information

Publisher
Admin
Websitegithub.com
Created date04/11/2025
Published date04/11/2025

More Resources

Application SecurityAPI Security

Visit Website

Titus

Details

Titus is a high-performance secrets scanner that detects and validates leaked credentials in code, binaries, and HTTP traffic for offensive engagements.

Static Analysis API Web Mobile External

Application SecurityAPI Security

Visit Website

Webhook.site

Details

Webhook.site allows red teams to capture and inspect HTTP requests in real-time. It is essential for testing blind OOB vulnerabilities and exfiltration.

Web API Cloud