Damn-Vulnerable-GraphQL-Application

Vulnerable GraphQL service

An intentionally vulnerable GraphQL implementation to test security

Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.

GitHub

2k stars
27 watching
298 forks
Language: JavaScript
last commit: 11 months ago
Linked from 3 awesome lists

damn-vulnerabledamn-vulnerable-web-applicationexploitationgraphqlgraphql-securitypenetration-testingsecurityvulnerability

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
dolevf/graphql-cop A tool to scan GraphQL APIs for common security vulnerabilities and report potential issues 382
rewanthtammana/damn-vulnerable-bank An intentionally vulnerable Android application designed to test security hacking skills 654
dolevf/graphw00f Fingerprinting tool to identify the underlying GraphQL server technology behind a given endpoint. 578
doyensec/inql A tool for testing GraphQL APIs with vulnerability detection and customizable scans. 1,540
0xjcn/damn-vulnerable-defi-v3-ctf A DeFi protocol with intentional vulnerabilities for testing and learning secure smart contract development 25
nicholasaleks/graphql-threat-matrix A framework to help identify security gaps in GraphQL APIs by analyzing implementation differences and vulnerabilities. 287
theowni/damn-vulnerable-restaurant-api-game An intentionally vulnerable API service designed to train developers, ethical hackers, and security engineers in detecting and exploiting vulnerabilities. 442
davinerd/gql_intruder A tool to assess vulnerabilities in GraphQL endpoints by simulating attacks. 13
snoopysecurity/dvws-node An insecure web service application used to simulate various web vulnerabilities and demonstrate their mitigation strategies. 455
escape-technologies/graphql-armor A security middleware framework for GraphQL servers to protect against common attacks and vulnerabilities. 500
nicolasgarcia214/damn-vulnerable-defi-foundry A DeFi smart contract training tool that simulates real-world vulnerabilities to help developers learn offensive security testing skills 494
hardik05/damn_vulnerable_c_program An example C program demonstrating common types of vulnerabilities, designed to be fuzzed using various tools. 676
the-road-to-graphql/react-graphql-github-vanilla A React application that uses plain HTTP requests to consume GitHub's GraphQL API 72
silentsignal/damn-vulnerable-stateful-web-app A proof-of-concept web application demonstrating common vulnerabilities in PHP stateful applications 14
usscltd/dorks Automates searching for vulnerabilities in databases and websites using predefined query patterns 199