https://github.com/doyensec/inql
GitHub - doyensec/inql: InQL - A Burp Extension for GraphQL Security Testing
InQL - A Burp Extension for GraphQL Security Testing - GitHub - doyensec/inql: InQL - A Burp Extension for GraphQL Security Testing
github.com
https://blog.assetnote.io/2021/08/29/exploiting-graphql/
Exploiting GraphQL
Application security issues found by Assetnote
blog.assetnote.io
https://www.jython.org/download
Downloads
The Python runtime on the JVM
www.jython.org
https://book.hacktricks.xyz/pentesting/pentesting-web/graphql
GraphQL - HackTricks
If you can search by a string type, like: query={theusers(description: ""){username,password}} and you search for an empty string it will dump all data. (Note this example isn't related with the example of the tutorials, for this example suppose you can se
book.hacktricks.xyz
'웹' 카테고리의 다른 글
| Wordpress 정리 (0) | 2022.04.29 |
|---|---|
| CSRF 참고 hacktricks (0) | 2022.04.23 |
| xinha 에디터 추가 (0) | 2022.04.20 |
| aspx 웹쉘 참고 (0) | 2022.04.19 |
| HTTP Request Smuggling (0) | 2022.04.09 |
wtdsoul