Search the Community
Showing results for tags 'graphql'.
-
InQL Scanner v4.0.5 - Burp Extension for GraphQL Security Testing
itsMe posted a topic in Pentesting
InQL Scanner InQL Scanner is a security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. Changelog v4.0.5 Fixes: Burp: enable HTTP/2 for Burp >= 2020.8 [hide][Hidden Content]] -
InQL Burp Suite Extension Since version 1.0 of the tool, InQL was extended to operate within Burp Suite. In this mode, the tool will retain all the capabilities of the stand-alone script plus a handy user interface to manipulate queries. Using the inql extension for Burp Suite, you can: Search for known GraphQL URL paths; the tool will grep and match known values to detect GraphQL endpoints within the target website Search for exposed GraphQL development consoles (GraphiQL, GraphQL Playground, and other common consoles) Use a custom GraphQL tab displayed on each HTTP request/response containing GraphQL Leverage the templates generation by sending those requests to Burp's Repeater tool Configure the tool by using a custom settings tab [HIDE][Hidden Content]]