Nikita Stupin
Nikita Stupin
Hi @gwen001 , First of all thanks for this project, it looks like it's finding sub-domains that Amass isn't finding which is great! I have a suggestion to improve this...
Probably, we can use https://github.com/Escape-Technologies/graphdna. Warn a user if the server is not supported (because Clairvoyance is not guaranteed to work with every server).
I'm also having the same error when running the tool, however changing the bucket size to 256 didn't solve the issue for me either. OS: Ubuntu 20.04 LTS Python: 3.8.10...
Now we're probing only for (1) argument name and (2) it's type. However in case if argument of [INPUT_OBJECT](https://spec.graphql.org/June2018/#sec-Input-Object-Values) type we can probe for (3) fields too.
According to https://spec.graphql.org/June2018/#sec-Names names in GraphQL must match following regex: ``` [_A-Za-z][_0-9A-Za-z]* ``` We can skip non-matching names and add flag to disable this verification.
For example, we can break `maxAtmospheringSpeed` to `max`, `maxAtmosphering`, `AtmospheringSpeed`, `max`, `Atmosphering` and `Speed` names and use them for probing! We can also add these to wordlist so they will...
``` fragment TypeRef on __Type { kind name ofType { kind name ofType { kind name ofType { kind name ofType { kind name ofType { kind name ofType {...