GraphCrawler
DefaultCreds-cheat-sheet
GraphCrawler | DefaultCreds-cheat-sheet | |
---|---|---|
7 | 2 | |
288 | 5,324 | |
- | - | |
3.4 | 7.5 | |
3 months ago | 3 days ago | |
Python | Python | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
GraphCrawler
- GraphCrawler: GraphQL automated security testing toolkit
-
BIG update out for GraphCrawler - GraphQL automated security testing.
You all loved it before but it just got better. Now in version 1.2 just point GraphCrawler at a domain and it will search for subdomains and then GraphQL endpoints on those subdomains for you! After that it will run just like before and do a security assessment on each one. It literally does it all for you now. Check it out! GraphCrawler
-
Automated toolkit for testing GraphQL endpoints.
Hey everyone, for y’all interested in GraphQL security I’ve released a big update to my tool GraphCrawler. It will do literally everything for you when checking out an endpoint for misconfigurations and exposures. Hope y’all like it! And if you do plz star it! GraphCrawler
-
Best GraphQL pentesting tool
Just released my biggest update yet for GraphCrawler! It is now the most powerful GraphQL endpoint security tool out there and I’m working on making it better. Please give it a star if you like it. I hope it makes y’all’s lives easier GraphCrawler
-
New GraphQL pentest tool
Hey, I just released a new version of GraphCrawler and this new version combines it with Clairvoyance and GraphQL-path-enum, to make it the most powerful GraphQL endpoint security tool. If there is anything for a foothold it will find it and help you exploit it by giving you attack paths. Give it a look here: GraphCrawler
-
Pentesting and bug bounty tool for GraphQL
Hey again, I posted about this tool before but there’s been a pretty big update to it and now it includes Clairvoyance and graphql-path-enum built into it. It is the all in one GraphQL pentesting tool. Hope y’all enjoy! GraphCrawler
- GraphQL Automated Vulnerability Scanner
DefaultCreds-cheat-sheet
- Database of default usernames and passwords?
-
Wordlists
If looking for a tool that searching default creds : https://github.com/ihebski/DefaultCreds-cheat-sheet
What are some alternatives?
SecLists - SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
my-wordlists - wordlists i use for testing security/security testing or whatever you want to call it
swaggerHole - A python3 script searching for secret on swaggerhub
mssql-spider - Automated exploitation of MSSQL servers at scale
mongoaudit - 🔥 A powerful MongoDB auditing and pentesting tool 🔥
powershell_commands - Personal sheet for PowerShell 🧢
weird_proxies - Reverse proxies cheatsheet
Villain - Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).