Search Results for "graphql"

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security. DVGA has numerous flaws, such as Injections, Code Executions, Bypasses, Denial of Service, and more. See the full list under the Scenarios section. A public Postman collection is also available to replay solutions to the challenges.

...Search for exposed GraphQL development consoles (GraphiQL, GraphQL Playground, and other standard consoles) Use a custom GraphQL tab displayed on each HTTP request/response containing GraphQL- Leverage the templates generation by sending those requests to Burp's Repeater tool ("Send to Repeater"). Leverage the templates generation and editor support by sending those requests to embedded GraphIQL ("Send to GraphiQL") Configure the tool by using a custom settings tab.

Wabe is an open-source backend that allows you to create your own fully customizable backend in just a few minutes. It handles database access, automatic GraphQL API generation, authentication with various methods (classic or OAuth), permissions, security, and more for you.

...Continuously push the generated application to your GitHub repository. Get a Docker container with your database, a Node.js application, and a React client. Generated apps include NestJS, Prisma, REST & GraphQL API, a React admin UI, logging, authentication, and authorization. Safely customize your generated app Node.js code using your favorite IDE. Decide whether to download the app within a Docker container that’s ready for deployment or to deploy to the Amplication cloud. At any point you’re free to download the source code and continue development elsewhere. ...

OpenCTI is a comprehensive open-source cyber threat intelligence platform designed to help organizations collect, structure, analyze, and share information about cyber threats. It provides a modern web application backed by a GraphQL API and a data model aligned with the STIX2 standard to ensure interoperability across the threat intelligence ecosystem. The platform enables teams to correlate technical indicators such as observables and TTPs with higher-level context like attribution and victimology, creating a unified intelligence knowledge base. OpenCTI is built to integrate with external tools including MISP, TheHive, and MITRE ATT&CK, allowing it to function as a central intelligence hub in security operations. ...

...With React, you’ll have your pick of learning materials, design systems, and trained employees. As your project grows, so will the number of client apps that need to talk to your backend. With a GraphQL API as your foundation, you can live in a multi-client world with ease. Interacting with your database has never been easier. Prisma’s extremely popular ORM allows you to focus more on your business logic and less on the intricacies of SQL. Optional TypeScript support gives you the best of JavaScript AND the best of a type system.

...This plugin exports some handy variables that you can use in your yml files to reference some values generated by CloudFormation. This plugin adds some useful CLI commands. AppSync is currently using an older version of the Graphql Specs. This plugin intends to use modern schemas for future-proofing. Incompatibilities will either be dropped or attempted to be fixed. Old-style descriptions (using #) are supported by AppSync but will be removed by the stitching procedure which does not support them*. Comments are also not supported on enums by AppSync.

Fullstack authentication and accounts-management for Javascript. Since accounts-js is very flexible, it can be used with multiple transports. For now we provide packages for both GraphQL and REST. We provide a native mongo integration which is compatible with the meteor account system. We also have a Typeorm integration which will let you use accounts-js with any kind of databases. You can use multiple strategies to let your users access to your app. For now we support authentication via email/username and password, Oauth support is coming soon! ...

GraphQL Shield helps you create a permission layer for your application. Using an intuitive rule-API, you'll gain the power of the shield engine on every request and reduce the load time of every request with smart caching. This way you can make sure your application will remain quick, and no internal data will be exposed. Implement your server permissions in a clear and deterministic way and let it guard access to your schema.