GraphQL Alias Overloading Enabled

GraphQL is an open-source query and manipulation language for APIs. GraphQL alias overloading is a vulnerability where an attacker sends queries with numerous aliased fields to cause server performance degradation. The server must process each alias separately, which can lead to excessive CPU...

GraphQL Cop - Security Auditor Utility For GraphQL APIs

GraphQL Cop is a small Python utility to run common security tests against GraphQL APIs. Requirements Python3 Requests Library Detections Alias Overloading DoS Batch Queries DoS GET based Queries CSRF GraphQL Tracing / Debug Modes Info Leak Field Duplication DoS Field Suggestions Info Leak Graphi...