Awesome-Mirrors/awesome-api-security
1
0
Fork 0
mirror of https://github.com/arainho/awesome-api-security.git synced 2025-01-10 06:39:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #20 from Escape-Technologies/master

Browse Source 
Add several GraphQL tools, GraphQL security academy and wordlist
This commit is contained in:
André Rainho 2023-11-11 00:40:04 +00:00 committed by GitHub
commit 304585ee70
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -160,6 +160,7 @@ Please read the <a href="#contributions">contributions</a> section before openin
| [List of API endpoints & objects](https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d) | A list of 3203 common API endpoints and objects designed for fuzzing. |
| [List of Swagger endpoints](https://github.com/danielmiessler/SecLists/blob/master/Discovery/Web-Content/swagger.txt) | Swagger endpoints |
| [SecLists for API's web-content discovery](https://github.com/danielmiessler/SecLists/tree/master/Discovery/Web-Content/api) | It is a collection of web content discovery lists for APIs used during security assessments. |
| [GraphQL wordlist](https://github.com/Escape-Technologies/graphql-wordlist) | The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas. |
## HTTP 101
| Name | Description |
@ -269,6 +270,9 @@ Name | Author | Description |
| [graphql-playground](https://github.com/graphql/graphql-playground) | GraphQL IDE for better development workflows (GraphQL Subscriptions, interactive docs & collaboration) |
| [graphql-threat-matrix](https://github.com/nicholasaleks/graphql-threat-matrix) | GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations. |
| [graphw00f](https://github.com/dolevf/graphw00f) | graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint. |
| [goctopus](https://github.com/Escape-Technologies/goctopus) | Blazing fast GraphQL discovery & fingerprinting toolbox. |
| [graphql-armor](https://github.com/Escape-Technologies/graphql-armor) | The missing GraphQL security security layer for Apollo GraphQL and Yoga / Envelop servers |
| | |
| **REST APIs** |
| [Akto](https://github.com/akto-api-security/akto) | API discovery, automated business logic testing and runtime detection |