├── .dockerignore ├── .flake8 ├── .github └── workflows │ ├── dockerhub_release.yml │ ├── githubcr_release.yml │ ├── integration_tests.yml │ ├── lint.yml │ ├── pypi_release.yml │ └── unit_tests.yml ├── .gitignore ├── .pre-commit-config.yaml ├── .python-version ├── CITATION.cff ├── Dockerfile ├── LICENSE ├── README.md ├── SECURITY.md ├── benchmark ├── __init__.py ├── benchmark_odg.py ├── benchmark_oob.py └── readme.md ├── docs ├── CONTRIBUTING.md ├── images │ ├── example_graph.png │ └── logo.png ├── installation.md └── plugins.md ├── graphqler ├── __init__.py ├── __main__.py ├── compiler │ ├── __init__.py │ ├── compiler.py │ ├── introspection_query.py │ ├── parsers │ │ ├── __init__.py │ │ ├── enum_list_parser.py │ │ ├── input_object_list_parser.py │ │ ├── interface_list_parser.py │ │ ├── mutation_list_parser.py │ │ ├── object_list_parser.py │ │ ├── parser.py │ │ ├── query_list_parser.py │ │ └── union_list_parser.py │ └── resolvers │ │ ├── __init__.py │ │ ├── mutation_object_resolver.py │ │ ├── object_dependency_resolver.py │ │ ├── object_method_resolver.py │ │ ├── query_object_resolver.py │ │ ├── resolver.py │ │ └── utils.py ├── config.py ├── core.py ├── examples │ └── config.toml ├── fuzzer │ ├── __init__.py │ ├── engine │ │ ├── dengine.py │ │ ├── detectors │ │ │ ├── __init__.py │ │ │ ├── detector.py │ │ │ ├── field_suggestion │ │ │ │ ├── field_suggestion_detector.py │ │ │ │ └── field_suggestion_materializer.py │ │ │ ├── html_injection │ │ │ │ └── html_injection_detector.py │ │ │ ├── introspection │ │ │ │ ├── introspection_detector.py │ │ │ │ └── introspection_materializer.py │ │ │ ├── os_command_injection │ │ │ │ ├── os_command_injection_detector.py │ │ │ │ └── os_command_injection_materializer.py │ │ │ ├── path_injection │ │ │ │ └── path_injection_detector.py │ │ │ ├── query_deny_bypass │ │ │ │ └── query_deny_bypass_detector.py │ │ │ ├── sql_injection │ │ │ │ └── sql_injection_detector.py │ │ │ ├── ssrf_injection │ │ │ │ ├── ssrf_injection_detector.py │ │ │ │ └── ssrf_injection_materialilzer.py │ │ │ └── xss_injection │ │ │ │ ├── xss_injection_detector.py │ │ │ │ └── xss_injection_materializer.py │ │ ├── exceptions │ │ │ ├── __init__.py │ │ │ ├── dependency_not_met_exception.py │ │ │ └── hard_dependency_not_met_exception.py │ │ ├── fengine.py │ │ ├── materializers │ │ │ ├── __init__.py │ │ │ ├── dos │ │ │ │ ├── __init__.py │ │ │ │ ├── dos_batch_materializer.py │ │ │ │ └── dos_deep_recursion_materializer.py │ │ │ ├── getter.py │ │ │ ├── injection_materializer.py │ │ │ ├── materializer.py │ │ │ ├── maximal_payload_materializer.py │ │ │ ├── regular_payload_materializer.py │ │ │ └── utils │ │ │ │ └── materialization_utils.py │ │ ├── retrier │ │ │ ├── __init__.py │ │ │ ├── retrier.py │ │ │ └── utils.py │ │ ├── types │ │ │ ├── __init__.py │ │ │ └── result.py │ │ └── utils.py │ ├── fuzzer.py │ ├── idor_fuzzer.py │ └── utils.py ├── graph │ ├── __init__.py │ ├── graph_generator.py │ ├── node.py │ └── utils.py └── utils │ ├── __init__.py │ ├── api.py │ ├── cli_utils.py │ ├── config_handler.py │ ├── file_utils.py │ ├── logging_utils.py │ ├── objects_bucket.py │ ├── parser_utils.py │ ├── plugins_handler.py │ ├── protocols │ ├── __init__.py │ └── request_utils_protocol.py │ ├── request_utils.py │ ├── singleton.py │ └── stats.py ├── pyproject.toml ├── static ├── readme.md └── wordlist.txt ├── tests ├── __init__.py ├── integration │ ├── __init__.py │ ├── test_core.py │ ├── test_food_delivery_api.py │ ├── test_user_wallet_api.py │ └── utils │ │ ├── run_api.py │ │ └── stats.py ├── test-apis │ ├── .gitkeep │ ├── food-delivery-api │ │ ├── .dockerignore │ │ ├── .gitignore │ │ ├── README.md │ │ ├── dbinitializer.js │ │ ├── dockerfile │ │ ├── package-lock.json │ │ ├── package.json │ │ ├── resolvers.js │ │ ├── schema.gql │ │ ├── server.js │ │ └── testcases.txt │ ├── test_configs │ │ ├── food_delivery_api_config.toml │ │ └── user_wallet_api_config.toml │ └── user-wallet-api │ │ ├── .gitignore │ │ ├── data │ │ ├── schema.gql │ │ └── schema.js │ │ ├── package-lock.json │ │ ├── package.json │ │ └── server.js └── unit │ ├── __init__.py │ ├── compiler │ ├── __init__.py │ └── resolvers │ │ ├── __init__.py │ │ └── test_utils.py │ ├── fixtures │ └── introspection_result.json │ ├── fuzzer │ ├── __init__.py │ └── fengine │ │ ├── __init__.py │ │ ├── materializer │ │ ├── __init__.py │ │ └── utils │ │ │ └── test_output_utils.py │ │ ├── retrier │ │ ├── __init__.py │ │ └── test_utils.py │ │ └── test_utils.py │ └── utils │ ├── __init__.py │ ├── mock_plugins │ └── request_utils.py │ ├── test_file_utils.py │ ├── test_objects_bucket.py │ ├── test_parser_utils.py │ └── test_plugins_handler.py └── uv.lock /.dockerignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/.dockerignore -------------------------------------------------------------------------------- /.flake8: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/.flake8 -------------------------------------------------------------------------------- /.github/workflows/dockerhub_release.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/.github/workflows/dockerhub_release.yml -------------------------------------------------------------------------------- /.github/workflows/githubcr_release.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/.github/workflows/githubcr_release.yml -------------------------------------------------------------------------------- /.github/workflows/integration_tests.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/.github/workflows/integration_tests.yml -------------------------------------------------------------------------------- /.github/workflows/lint.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/.github/workflows/lint.yml -------------------------------------------------------------------------------- /.github/workflows/pypi_release.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/.github/workflows/pypi_release.yml -------------------------------------------------------------------------------- /.github/workflows/unit_tests.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/.github/workflows/unit_tests.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/.gitignore -------------------------------------------------------------------------------- /.pre-commit-config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/.pre-commit-config.yaml -------------------------------------------------------------------------------- /.python-version: -------------------------------------------------------------------------------- 1 | 3.12 2 | -------------------------------------------------------------------------------- /CITATION.cff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/CITATION.cff -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/Dockerfile -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/README.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/SECURITY.md -------------------------------------------------------------------------------- /benchmark/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /benchmark/benchmark_odg.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/benchmark/benchmark_odg.py -------------------------------------------------------------------------------- /benchmark/benchmark_oob.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/benchmark/benchmark_oob.py -------------------------------------------------------------------------------- /benchmark/readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/benchmark/readme.md -------------------------------------------------------------------------------- /docs/CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/docs/CONTRIBUTING.md -------------------------------------------------------------------------------- /docs/images/example_graph.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/docs/images/example_graph.png -------------------------------------------------------------------------------- /docs/images/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/docs/images/logo.png -------------------------------------------------------------------------------- /docs/installation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/docs/installation.md -------------------------------------------------------------------------------- /docs/plugins.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/docs/plugins.md -------------------------------------------------------------------------------- /graphqler/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /graphqler/__main__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/__main__.py -------------------------------------------------------------------------------- /graphqler/compiler/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/__init__.py -------------------------------------------------------------------------------- /graphqler/compiler/compiler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/compiler.py -------------------------------------------------------------------------------- /graphqler/compiler/introspection_query.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/introspection_query.py -------------------------------------------------------------------------------- /graphqler/compiler/parsers/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/parsers/__init__.py -------------------------------------------------------------------------------- /graphqler/compiler/parsers/enum_list_parser.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/parsers/enum_list_parser.py -------------------------------------------------------------------------------- /graphqler/compiler/parsers/input_object_list_parser.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/parsers/input_object_list_parser.py -------------------------------------------------------------------------------- /graphqler/compiler/parsers/interface_list_parser.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/parsers/interface_list_parser.py -------------------------------------------------------------------------------- /graphqler/compiler/parsers/mutation_list_parser.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/parsers/mutation_list_parser.py -------------------------------------------------------------------------------- /graphqler/compiler/parsers/object_list_parser.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/parsers/object_list_parser.py -------------------------------------------------------------------------------- /graphqler/compiler/parsers/parser.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/parsers/parser.py -------------------------------------------------------------------------------- /graphqler/compiler/parsers/query_list_parser.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/parsers/query_list_parser.py -------------------------------------------------------------------------------- /graphqler/compiler/parsers/union_list_parser.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/parsers/union_list_parser.py -------------------------------------------------------------------------------- /graphqler/compiler/resolvers/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/resolvers/__init__.py -------------------------------------------------------------------------------- /graphqler/compiler/resolvers/mutation_object_resolver.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/resolvers/mutation_object_resolver.py -------------------------------------------------------------------------------- /graphqler/compiler/resolvers/object_dependency_resolver.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/resolvers/object_dependency_resolver.py -------------------------------------------------------------------------------- /graphqler/compiler/resolvers/object_method_resolver.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/resolvers/object_method_resolver.py -------------------------------------------------------------------------------- /graphqler/compiler/resolvers/query_object_resolver.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/resolvers/query_object_resolver.py -------------------------------------------------------------------------------- /graphqler/compiler/resolvers/resolver.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/resolvers/resolver.py -------------------------------------------------------------------------------- /graphqler/compiler/resolvers/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/compiler/resolvers/utils.py -------------------------------------------------------------------------------- /graphqler/config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/config.py -------------------------------------------------------------------------------- /graphqler/core.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/core.py -------------------------------------------------------------------------------- /graphqler/examples/config.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/examples/config.toml -------------------------------------------------------------------------------- /graphqler/fuzzer/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/__init__.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/dengine.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/dengine.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/__init__.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/detector.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/detector.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/field_suggestion/field_suggestion_detector.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/field_suggestion/field_suggestion_detector.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/field_suggestion/field_suggestion_materializer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/field_suggestion/field_suggestion_materializer.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/html_injection/html_injection_detector.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/html_injection/html_injection_detector.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/introspection/introspection_detector.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/introspection/introspection_detector.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/introspection/introspection_materializer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/introspection/introspection_materializer.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/os_command_injection/os_command_injection_detector.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/os_command_injection/os_command_injection_detector.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/os_command_injection/os_command_injection_materializer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/os_command_injection/os_command_injection_materializer.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/path_injection/path_injection_detector.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/path_injection/path_injection_detector.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/query_deny_bypass/query_deny_bypass_detector.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/query_deny_bypass/query_deny_bypass_detector.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/sql_injection/sql_injection_detector.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/sql_injection/sql_injection_detector.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/ssrf_injection/ssrf_injection_detector.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/ssrf_injection/ssrf_injection_detector.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/ssrf_injection/ssrf_injection_materialilzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/ssrf_injection/ssrf_injection_materialilzer.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/xss_injection/xss_injection_detector.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/xss_injection/xss_injection_detector.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/detectors/xss_injection/xss_injection_materializer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/detectors/xss_injection/xss_injection_materializer.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/exceptions/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/exceptions/__init__.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/exceptions/dependency_not_met_exception.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/exceptions/dependency_not_met_exception.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/exceptions/hard_dependency_not_met_exception.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/exceptions/hard_dependency_not_met_exception.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/fengine.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/fengine.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/materializers/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/materializers/__init__.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/materializers/dos/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/materializers/dos/__init__.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/materializers/dos/dos_batch_materializer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/materializers/dos/dos_batch_materializer.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/materializers/dos/dos_deep_recursion_materializer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/materializers/dos/dos_deep_recursion_materializer.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/materializers/getter.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/materializers/getter.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/materializers/injection_materializer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/materializers/injection_materializer.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/materializers/materializer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/materializers/materializer.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/materializers/maximal_payload_materializer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/materializers/maximal_payload_materializer.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/materializers/regular_payload_materializer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/materializers/regular_payload_materializer.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/materializers/utils/materialization_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/materializers/utils/materialization_utils.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/retrier/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/retrier/__init__.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/retrier/retrier.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/retrier/retrier.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/retrier/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/retrier/utils.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/types/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/types/__init__.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/types/result.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/types/result.py -------------------------------------------------------------------------------- /graphqler/fuzzer/engine/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/engine/utils.py -------------------------------------------------------------------------------- /graphqler/fuzzer/fuzzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/fuzzer.py -------------------------------------------------------------------------------- /graphqler/fuzzer/idor_fuzzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/idor_fuzzer.py -------------------------------------------------------------------------------- /graphqler/fuzzer/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/fuzzer/utils.py -------------------------------------------------------------------------------- /graphqler/graph/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/graph/__init__.py -------------------------------------------------------------------------------- /graphqler/graph/graph_generator.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/graph/graph_generator.py -------------------------------------------------------------------------------- /graphqler/graph/node.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/graph/node.py -------------------------------------------------------------------------------- /graphqler/graph/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/graph/utils.py -------------------------------------------------------------------------------- /graphqler/utils/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /graphqler/utils/api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/utils/api.py -------------------------------------------------------------------------------- /graphqler/utils/cli_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/utils/cli_utils.py -------------------------------------------------------------------------------- /graphqler/utils/config_handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/utils/config_handler.py -------------------------------------------------------------------------------- /graphqler/utils/file_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/utils/file_utils.py -------------------------------------------------------------------------------- /graphqler/utils/logging_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/utils/logging_utils.py -------------------------------------------------------------------------------- /graphqler/utils/objects_bucket.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/utils/objects_bucket.py -------------------------------------------------------------------------------- /graphqler/utils/parser_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/utils/parser_utils.py -------------------------------------------------------------------------------- /graphqler/utils/plugins_handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/utils/plugins_handler.py -------------------------------------------------------------------------------- /graphqler/utils/protocols/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /graphqler/utils/protocols/request_utils_protocol.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/utils/protocols/request_utils_protocol.py -------------------------------------------------------------------------------- /graphqler/utils/request_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/utils/request_utils.py -------------------------------------------------------------------------------- /graphqler/utils/singleton.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/utils/singleton.py -------------------------------------------------------------------------------- /graphqler/utils/stats.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/graphqler/utils/stats.py -------------------------------------------------------------------------------- /pyproject.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/pyproject.toml -------------------------------------------------------------------------------- /static/readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/static/readme.md -------------------------------------------------------------------------------- /static/wordlist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/static/wordlist.txt -------------------------------------------------------------------------------- /tests/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/integration/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/integration/test_core.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/integration/test_core.py -------------------------------------------------------------------------------- /tests/integration/test_food_delivery_api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/integration/test_food_delivery_api.py -------------------------------------------------------------------------------- /tests/integration/test_user_wallet_api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/integration/test_user_wallet_api.py -------------------------------------------------------------------------------- /tests/integration/utils/run_api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/integration/utils/run_api.py -------------------------------------------------------------------------------- /tests/integration/utils/stats.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/integration/utils/stats.py -------------------------------------------------------------------------------- /tests/test-apis/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/test-apis/food-delivery-api/.dockerignore: -------------------------------------------------------------------------------- 1 | node_modules 2 | *.log 3 | -------------------------------------------------------------------------------- /tests/test-apis/food-delivery-api/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/food-delivery-api/.gitignore -------------------------------------------------------------------------------- /tests/test-apis/food-delivery-api/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/food-delivery-api/README.md -------------------------------------------------------------------------------- /tests/test-apis/food-delivery-api/dbinitializer.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/food-delivery-api/dbinitializer.js -------------------------------------------------------------------------------- /tests/test-apis/food-delivery-api/dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/food-delivery-api/dockerfile -------------------------------------------------------------------------------- /tests/test-apis/food-delivery-api/package-lock.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/food-delivery-api/package-lock.json -------------------------------------------------------------------------------- /tests/test-apis/food-delivery-api/package.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/food-delivery-api/package.json -------------------------------------------------------------------------------- /tests/test-apis/food-delivery-api/resolvers.js: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/test-apis/food-delivery-api/schema.gql: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/food-delivery-api/schema.gql -------------------------------------------------------------------------------- /tests/test-apis/food-delivery-api/server.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/food-delivery-api/server.js -------------------------------------------------------------------------------- /tests/test-apis/food-delivery-api/testcases.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/food-delivery-api/testcases.txt -------------------------------------------------------------------------------- /tests/test-apis/test_configs/food_delivery_api_config.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/test_configs/food_delivery_api_config.toml -------------------------------------------------------------------------------- /tests/test-apis/test_configs/user_wallet_api_config.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/test_configs/user_wallet_api_config.toml -------------------------------------------------------------------------------- /tests/test-apis/user-wallet-api/.gitignore: -------------------------------------------------------------------------------- 1 | node_modules/ 2 | -------------------------------------------------------------------------------- /tests/test-apis/user-wallet-api/data/schema.gql: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/user-wallet-api/data/schema.gql -------------------------------------------------------------------------------- /tests/test-apis/user-wallet-api/data/schema.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/user-wallet-api/data/schema.js -------------------------------------------------------------------------------- /tests/test-apis/user-wallet-api/package-lock.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/user-wallet-api/package-lock.json -------------------------------------------------------------------------------- /tests/test-apis/user-wallet-api/package.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/user-wallet-api/package.json -------------------------------------------------------------------------------- /tests/test-apis/user-wallet-api/server.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/test-apis/user-wallet-api/server.js -------------------------------------------------------------------------------- /tests/unit/__init__.py: -------------------------------------------------------------------------------- 1 | # Empty init file to mark directory as Python package 2 | -------------------------------------------------------------------------------- /tests/unit/compiler/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/compiler/resolvers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/compiler/resolvers/test_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/unit/compiler/resolvers/test_utils.py -------------------------------------------------------------------------------- /tests/unit/fixtures/introspection_result.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/unit/fixtures/introspection_result.json -------------------------------------------------------------------------------- /tests/unit/fuzzer/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/fuzzer/fengine/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/fuzzer/fengine/materializer/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/fuzzer/fengine/materializer/utils/test_output_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/unit/fuzzer/fengine/materializer/utils/test_output_utils.py -------------------------------------------------------------------------------- /tests/unit/fuzzer/fengine/retrier/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/fuzzer/fengine/retrier/test_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/unit/fuzzer/fengine/retrier/test_utils.py -------------------------------------------------------------------------------- /tests/unit/fuzzer/fengine/test_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/unit/fuzzer/fengine/test_utils.py -------------------------------------------------------------------------------- /tests/unit/utils/__init__.py: -------------------------------------------------------------------------------- 1 | # Empty init file to mark directory as Python package 2 | -------------------------------------------------------------------------------- /tests/unit/utils/mock_plugins/request_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/unit/utils/mock_plugins/request_utils.py -------------------------------------------------------------------------------- /tests/unit/utils/test_file_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/unit/utils/test_file_utils.py -------------------------------------------------------------------------------- /tests/unit/utils/test_objects_bucket.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/utils/test_parser_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/unit/utils/test_parser_utils.py -------------------------------------------------------------------------------- /tests/unit/utils/test_plugins_handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/tests/unit/utils/test_plugins_handler.py -------------------------------------------------------------------------------- /uv.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/omar2535/GraphQLer/HEAD/uv.lock --------------------------------------------------------------------------------