Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security. DVGA has numerous flaws, such as Injections, Code Executions, Bypasses, Denial of Service, and more. See the full list under the Scenarios section. A public Postman collection is also available to replay solutions to the challenges. DVGA supports Beginner and Expert level game modes, which will change the exploitation difficulty.

Features

  • Resource Intensive Query Attack
  • GraphQL Introspection
  • GraphQL Interface Protection Bypass
  • GraphQL Query Weak Password Protection
  • Deep Recursion Query Attack
  • DVGA supports Beginner and Expert level game modes

Project Samples

Damn Vulnerable GraphQL Application Screenshot 1

Project Activity

See All Activity >

Categories

Security

License

MIT License

Follow Damn Vulnerable GraphQL Application

Damn Vulnerable GraphQL Application Web Site

Other Useful Business Software
Auth0 B2B Essentials: SSO, MFA, and RBAC Built In Icon
Auth0 B2B Essentials: SSO, MFA, and RBAC Built In

Unlimited organizations, 3 enterprise SSO connections, role-based access control, and pro MFA included. Dev and prod tenants out of the box.

Auth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.
Sign Up Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of Damn Vulnerable GraphQL Application!

Additional Project Details

Programming Language

JavaScript

Related Categories

JavaScript Security Software

Registered

2023-03-03
Report inappropriate content