Added GraphCrawler to list of tools (#3)

Signed-off-by: gsmith257-cyber <55564824+gsmith257-cyber@users.noreply.github.com>
Escape-Technologies · Jul 15, 2022 · d9dd70d · d9dd70d
1 parent 53f3f7e
commit d9dd70d
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/README.md b/README.md
@@ -46,6 +46,7 @@ A curated list of awesome GraphQL Security frameworks, libraries, software and r
 
 ### Exploitation
 
+- [GraphCrawler](https://github.com/gsmith257-cyber/GraphCrawler) - A GraphQL automated security toolkit. It will grab schemas, either through introspection or clairvoyance, search for sensative queries, and then test authorization. It also has the ability to use graphql-path-enum to grab the paths to different types from the schemas it grabs.
 - [Clairvoyance](https://github.com/nikitastupin/clairvoyance) - Patrial introspection fetcher when introspection is disabled
 - [CrackQL](https://github.com/nicholasaleks/CrackQL) - GraphQL password brute-force and fuzzing utility.
 - [GraphQLMap](https://github.com/swisskyrepo/GraphQLmap) - A scripting engine to interact with a GraphQL endpoint for pentesting purposes.