Damn-Vulnerable-GraphQL-Application
Vulnerable GraphQL service
An intentionally vulnerable GraphQL implementation to test security
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
2k stars
27 watching
298 forks
Language: JavaScript
last commit: 10 months ago
Linked from 3 awesome lists
damn-vulnerabledamn-vulnerable-web-applicationexploitationgraphqlgraphql-securitypenetration-testingsecurityvulnerability
infoslack/awesome-web-hacking
vavkamil/awesome-vulnerable-appsRelated projects:
| Repository | Description | Stars |
|---|---|---|
| dolevf/graphql-cop | A tool to scan GraphQL APIs for common security vulnerabilities and report potential issues | 382 |
 rewanthtammana/damn-vulnerable-bank | An intentionally vulnerable Android application designed to test security hacking skills | 654 |
| dolevf/graphw00f | Fingerprinting tool to identify the underlying GraphQL server technology behind a given endpoint. | 578 |
 doyensec/inql | A tool for testing GraphQL APIs with vulnerability detection and customizable scans. | 1,540 |
 0xjcn/damn-vulnerable-defi-v3-ctf | A DeFi protocol with intentional vulnerabilities for testing and learning secure smart contract development | 25 |
 nicholasaleks/graphql-threat-matrix | A framework to help identify security gaps in GraphQL APIs by analyzing implementation differences and vulnerabilities. | 287 |
 theowni/damn-vulnerable-restaurant-api-game | An intentionally vulnerable API service designed to train developers, ethical hackers, and security engineers in detecting and exploiting vulnerabilities. | 442 |
 davinerd/gql_intruder | A tool to assess vulnerabilities in GraphQL endpoints by simulating attacks. | 13 |
 snoopysecurity/dvws-node | An insecure web service application used to simulate various web vulnerabilities and demonstrate their mitigation strategies. | 455 |
 escape-technologies/graphql-armor | A security middleware framework for GraphQL servers to protect against common attacks and vulnerabilities. | 500 |
 nicolasgarcia214/damn-vulnerable-defi-foundry | A DeFi smart contract training tool that simulates real-world vulnerabilities to help developers learn offensive security testing skills | 494 |
 hardik05/damn_vulnerable_c_program | An example C program demonstrating common types of vulnerabilities, designed to be fuzzed using various tools. | 676 |
 the-road-to-graphql/react-graphql-github-vanilla | A React application that uses plain HTTP requests to consume GitHub's GraphQL API | 72 |
 silentsignal/damn-vulnerable-stateful-web-app | A proof-of-concept web application demonstrating common vulnerabilities in PHP stateful applications | 14 |
 usscltd/dorks | Automates searching for vulnerabilities in databases and websites using predefined query patterns | 199 |