graphw00f
graphw00f copied to clipboard
dolevf
graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
I have a GraphQL endpoint https://target/graphql?query={} which only respond to GET requests. This tool only use POST requests and it not able to detect the GraphQL in this case.
Address #18 - feat: added CD workflow | Will create release/push to pypi on tag. - feat: pyproject file - refactor: version system - refactor: moved scripts assets into the...
Could you release a `pyproject.toml` file to make install a&nd packaging easier? - [pyproject.toml](https://pip.pypa.io/en/stable/reference/build-system/pyproject-toml/) - [How to Publish an Open-Source Python Package to PyPI](https://realpython.com/pypi-publish-python-package/) - [The pyproject.toml file](https://python-poetry.org/docs/pyproject/)
- Prevent sending same requests twice - Send requests asynchronously All of this will speedup by a lot the search.
Address #20 - refactor: `print` to `logging` module. - refactor: fstring over format (Graphw00f is targeting python3) - feat: logger.py that contains logger setup that we can later adjust. -...
I have this target using yoga graphql which I think is based on apollo graphql. Here graphw00f marks this as apollo. Could you please verify this?
The error_contains function now properly handles cases where the response can contain either a list of strings or a list of dictionaries. This resolves an AttributeError that occurred when trying...
This pull request introduces functionality to graphw00f, allowing it to read detection queries from a JSON file and check each query respectively. This enhancement improves flexibility and maintainability of the...
