https://github.com/copyleftdev/graphqlfuzz
a simple go graphql fuzzing cli
https://github.com/copyleftdev/graphqlfuzz
fuzzing graphql security security-tools
Last synced: 3 months ago
JSON representation
a simple go graphql fuzzing cli
- Host: GitHub
- URL: https://github.com/copyleftdev/graphqlfuzz
- Owner: copyleftdev
- Created: 2023-12-31T07:21:40.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2023-12-31T07:25:56.000Z (over 1 year ago)
- Last Synced: 2024-11-18T13:25:53.516Z (6 months ago)
- Topics: fuzzing, graphql, security, security-tools
- Language: Go
- Homepage:
- Size: 4.88 KB
- Stars: 1
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# GraphQL Fuzzing Tool
The GraphQL Fuzzing Tool is a command-line utility for testing and fuzzing GraphQL endpoints. It allows you to generate a variety of GraphQL queries with fuzzed input to test the robustness of your GraphQL server. This tool can be used to identify potential vulnerabilities and issues in your GraphQL API.
## Features
- Fuzz GraphQL queries with various input data.
- Test different query types, including mutations and queries.
- Specify a GraphQL schema in JSON format.
- Optional wordlist support for custom fuzzing input.
- Detailed response logging for analysis.
## Usage
1. Clone the repository:
```bash
git clone https://github.com/copyleftdev/graphqlfuzz.git
cd graphqlfuzz
```
2. Build the tool:
```bash
go build
```
3. Run the tool with the following command:
```bash
./graphqlfuzz -endpoint -gqlfile -wordlist
```
Replace `` with the URL of your GraphQL endpoint, `` with the path to your GraphQL schema file in JSON format, and `` with the path to an optional wordlist file for custom fuzzing input.
## Example
```bash
./graphqlfuzz -endpoint http://localhost:8080/graphql -gqlfile schema.json -wordlist wordlist.txt
```
## Dependencies
- Go (Golang)
- External dependencies are managed using Go Modules.