all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

GraphQL Automated Vulnerability Scanner

Add to bookmarks
June 18, 2022, 5:51 a.m. | /u/SweatyIntroduction45

cybersecurity www.reddit.com

Hey y’all,

Posting a tool I made recently to help out going through GraphQL endpoints with introspection enabled. It will grab the schema and go through and check if mutation is enabled, write access pretty much, if there are any sensitive queries, such as listing user details and files, and then it will test queries that it finds with little to no arguments to see if it requires authorization. Following all this it will rate give it a criticality score …

automated cybersecurity graphql scanner vulnerability vulnerability scanner

Visit resource

More from www.reddit.com / cybersecurity

What is best practice to prevent man in the middle compromising emails? an hour ago | www.reddit.com
attack best practice caught cybersecurity +13
Just me, or is every vendor's website awful. WHAT DO YOU ACTUALLY DO? 3 hours ago | www.reddit.com
article customers cybersecurity edr +17
We have Crowdstrike for our EDR. Can we use it as our primary SIEM? 4 hours ago | www.reddit.com
can cons cost crowdstrike +13
Web API Security Champion: Broken Object Level Authorization (OWASP TOP 10) 4 hours ago | www.reddit.com
api api security authorization broken object level authorization +9
Cisco Warns of Large-Scale Brute-Force Attacks on VPNs 5 hours ago | www.reddit.com
article attacks brute brute-force +8
LabHost phishing service with 40,000 domains disrupted, 37 arrested 6 hours ago | www.reddit.com
cybersecurity
Cybersecurity self learning 13 hours ago | www.reddit.com
blue blue team can college +7
I am a new soc analyst , can you suggest me some dashboard ideas that … 18 hours ago | www.reddit.com
analyst can cybersecurity dashboard +6
Has anyone transitioned from army intelligence analyst to corporate threat Intel analyst? 20 hours ago | www.reddit.com
analyst army corporate cybersecurity +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Transfer GMP Compliance Officer

@ Pharmathen | Sapes, East Macedonia and Thrace, Greece
View on infosec-jobs.com

Security Cyber Consultant DRC (m/w/d)

@ Atos | Berlin, DE, D-13353
View on infosec-jobs.com

Penetration Tester - InfoSec

@ Rapid7 | NIS Belfast
View on infosec-jobs.com

Cyber Vulnerability Lead

@ Under Armour | Remote, US
View on infosec-jobs.com
View more jobs