GraphQL Cop - Security Audit Utility for GraphQL

blaszczakm.blogspot.com, 10 months ago

GraphQL Cop is a small Python utility for running common security tests against GraphQL APIs. It is well suited to CI/CD checks for GraphQL endpoints: it is lightweight and covers the GraphQL-specific security issues worth checking for (denial-of-service vectors such as alias, directive and field abuse, and information leakage through introspection and field suggestions).


GraphQL Cop lets you reproduce its findings by providing a cURL command for every vulnerability it identifies.

Write-up on hacking GraphQL: https://blog.koalasec.co/2500-dollars-in-bounties-hacking-graphql


https://github.com/dolevf/graphql-cop


└─# python3 graphql-cop.py -t https://sdb.ua/?q=getnciesList 1
[HIGH] Alias Overloading - Alias Overloading with 100+ aliases is allowed (Denial of Service - /graphiql)
[HIGH] Alias Overloading - Alias Overloading with 100+ aliases is allowed (Denial of Service - /playground)
[HIGH] Alias Overloading - Alias Overloading with 100+ aliases is allowed (Denial of Service - /console)
[HIGH] Alias Overloading - Alias Overloading with 100+ aliases is allowed (Denial of Service - /graphql)
[HIGH] Directive Overloading - Multiple duplicated directives allowed in a query (Denial of Service - /graphiql)
[HIGH] Directive Overloading - Multiple duplicated directives allowed in a query (Denial of Service - /playground)
[HIGH] Directive Overloading - Multiple duplicated directives allowed in a query (Denial of Service - /console)
[HIGH] Directive Overloading - Multiple duplicated directives allowed in a query (Denial of Service - /graphql)
[HIGH] Field Duplication - Queries are allowed with 500 of the same repeated field (Denial of Service - /graphiql)
[HIGH] Field Duplication - Queries are allowed with 500 of the same repeated field (Denial of Service - /playground)
[HIGH] Field Duplication - Queries are allowed with 500 of the same repeated field (Denial of Service - /console)
[HIGH] Field Duplication - Queries are allowed with 500 of the same repeated field (Denial of Service - /graphql)
[LOW] Field Suggestions - Field Suggestions are Enabled (Information Leakage - /graphiql)
[LOW] Field Suggestions - Field Suggestions are Enabled (Information Leakage - /playground)
[LOW] Field Suggestions - Field Suggestions are Enabled (Information Leakage - /console)
[LOW] Field Suggestions - Field Suggestions are Enabled (Information Leakage - /graphql)
[HIGH] Introspection - Introspection Query Enabled (Information Leakage - /graphiql)
[HIGH] Introspection - Introspection Query Enabled (Information Leakage - /playground)
[HIGH] Introspection - Introspection Query Enabled (Information Leakage - /console)
[HIGH] Introspection - Introspection Query Enabled (Information Leakage - /graphql)
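To make the five findings above concrete, here is an added example (my own code, not GraphQL Cop's) that builds a probe query for each check, emits the cURL command that would reproduce it, and evaluates sample responses the way a scanner has to: a DoS probe counts as accepted when the server executes it instead of rejecting it, introspection counts when `__schema` comes back, and field suggestions count when an error message offers a "Did you mean" hint. The exact query shapes, the target URL (`https://example.invalid/graphql`) and the responses in `SAMPLE_RESPONSES` are constructed assumptions; the sample server is one that validates directives (so a duplicated, non-repeatable `@include` is refused) but applies no other limits.

```python
"""Probe queries behind the GraphQL Cop findings above, the curl commands to
reproduce them, and an offline evaluation of sample responses.
Added example, not GraphQL Cop's own code; URL and responses are constructed."""
import json
import shlex

# (severity, title, impact) in the style of the tool's report lines
CHECKS = {
    "alias_overloading": ("HIGH", "Alias Overloading", "Denial of Service"),
    "directive_overloading": ("HIGH", "Directive Overloading", "Denial of Service"),
    "field_duplication": ("HIGH", "Field Duplication", "Denial of Service"),
    "field_suggestions": ("LOW", "Field Suggestions", "Information Leakage"),
    "introspection": ("HIGH", "Introspection", "Information Leakage"),
}


def alias_overload_query(field="__typename", count=101):
    """One field requested under `count` distinct aliases: every alias is resolved
    separately, so resolver work scales with the alias count, not the request size."""
    aliases = " ".join(f"a{i}: {field}" for i in range(count))
    return f"query {{ {aliases} }}"


def directive_overload_query(field="__typename", count=10):
    """The same non-repeatable directive repeated on one field. A spec-compliant
    validator must reject this, because @include is not declared `repeatable`."""
    directives = " ".join("@include(if: true)" for _ in range(count))
    return f"query {{ {field} {directives} }}"


def field_duplication_query(field="__typename", count=500):
    """The same field selected `count` times; without a complexity or size limit
    each copy is still parsed and resolved."""
    fields = " ".join([field] * count)
    return f"query {{ {fields} }}"


INTROSPECTION_QUERY = "query { __schema { types { name } } }"
# Deliberately misspelled field: with suggestions enabled the server answers
# 'Did you mean "__typename"?', leaking valid field names one guess at a time.
FIELD_SUGGESTION_QUERY = "query { __typenam }"


def probe_queries():
    return {
        "alias_overloading": alias_overload_query(),
        "directive_overloading": directive_overload_query(),
        "field_duplication": field_duplication_query(),
        "field_suggestions": FIELD_SUGGESTION_QUERY,
        "introspection": INTROSPECTION_QUERY,
    }


def curl_command(url, query):
    """Reproduction command for a finding, shell-quoted so the JSON body survives."""
    payload = json.dumps({"query": query})
    return (f"curl -s -X POST {shlex.quote(url)} "
            f"-H 'Content-Type: application/json' --data-binary {shlex.quote(payload)}")


def assess(check, status, body):
    """True when the response shows the server accepted the probe."""
    errors = body.get("errors") or []
    messages = " ".join(e.get("message", "") for e in errors).lower()
    data = body.get("data") or {}
    if check == "introspection":
        return isinstance(data.get("__schema"), dict)
    if check == "field_suggestions":
        return "did you mean" in messages
    # DoS probes: the server executed the abusive query instead of rejecting it
    return status == 200 and not errors and bool(data)


def report(url, responses):
    """Render findings in GraphQL Cop's report style from (status, body) per check."""
    lines = []
    for check, (status, body) in responses.items():
        if assess(check, status, body):
            severity, title, impact = CHECKS[check]
            lines.append(f"[{severity}] {title} - probe accepted ({impact} - {url})")
    return lines


# Constructed responses: a server that validates directives but limits nothing else.
SAMPLE_RESPONSES = {
    "alias_overloading": (200, {"data": {f"a{i}": "Query" for i in range(101)}}),
    "directive_overloading": (400, {"errors": [{"message":
        'The directive "@include" can only be used once at this location.'}]}),
    "field_duplication": (200, {"data": {"__typename": "Query"}}),
    "field_suggestions": (200, {"errors": [{"message":
        'Cannot query field "__typenam" on type "Query". Did you mean "__typename"?'}]}),
    "introspection": (200, {"data": {"__schema": {"types": [{"name": "Query"}]}}}),
}

if __name__ == "__main__":
    target = "https://example.invalid/graphql"  # assumed target, not a real host
    for line in report(target, SAMPLE_RESPONSES):
        print(line)
    for check, query in probe_queries().items():
        print(f"# {check}\n{curl_command(target, query)}\n")
```

Note the caveat built into `assess`: a passing DoS probe only shows the server accepted the query, not that it is slow under it; the `[HIGH]` lines above say "allowed", which is exactly this kind of acceptance test. Against a real target, run the printed cURL commands under a timer and against the same endpoint paths the tool reports (/graphql, /graphiql, /playground, /console) before treating a finding as exploitable.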
