graphicator: GraphQL enumeration and extraction tool
Graphicator
Graphicator is a GraphQL “scraper” / extractor. The tool iterates over the introspection document returned by the targeted GraphQL endpoint and restructures the schema into an internal form so that it can re-create the supported queries. Once the queries are created, they are sent to the endpoint and each returned response is saved to a file.
Erroneous responses are not saved. By default the tool caches the correct responses and also caches the errors, so re-running the tool does not send the same queries again.
Use it wisely and only for targets you have permission to interact with.
We hope the tool will automate your own tests as a penetration tester and give a push even to those who don’t do GraphQL testing.
Installation
Install on your system
python3 -m pip install -r requirements.txt
Using a container instead
docker run --rm -it -p8005:80 cybervelia/graphicator --target http://the-target:port/graphql --verbose
When the task is done, the tool zips the results and serves the zip file through a web server on port 8005. To stop the container, press CTRL+C. When the container is stopped, the data is deleted too. You may also change the host port according to your needs.
Use
Output Structure
Three folders are created:
- reqcache: The response of each valid query is stored in JSON format
- reqcache-intro: All introspection queries are stored in a separate file in this directory
- reqcache-queries: All queries are stored in a separate file in this directory. The filename of each query will match the corresponding filename in the reqcache directory that holds the query’s response.
The filename is a hash that takes into account the query and the URL.
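The following script is an added example, not part of Graphicator. It joins each file in reqcache-queries with the response of the same name in reqcache, so a run can be reviewed query by query. It assumes that matching files share a filename stem, that query files are plain text, and that each response is a standard GraphQL body with a top-level "data" object; the file extensions and sample contents are constructed.

```python
import json
import tempfile
from pathlib import Path


def pair_results(root):
    """Join reqcache-queries/* with reqcache/* on the shared filename stem."""
    root = Path(root)
    responses = {p.stem: p for p in (root / "reqcache").iterdir() if p.is_file()}
    rows = []
    for qfile in sorted(p for p in (root / "reqcache-queries").iterdir() if p.is_file()):
        rfile = responses.get(qfile.stem)
        row = {"id": qfile.stem, "query": qfile.read_text().strip(),
               "has_response": rfile is not None, "fields": [], "empty": []}
        if rfile is not None:
            try:
                body = json.loads(rfile.read_text())
            except json.JSONDecodeError:
                body = None
            data = body.get("data") if isinstance(body, dict) else None
            if isinstance(data, dict):
                row["fields"] = sorted(data)
                # Separate null/empty results from fields that returned data.
                row["empty"] = sorted(k for k, v in data.items() if v in (None, [], {}))
        rows.append(row)
    return rows


def build_sample(root):
    """Constructed output tree; names, extensions and contents are made up."""
    root = Path(root)
    for d in ("reqcache", "reqcache-queries", "reqcache-intro"):
        (root / d).mkdir(parents=True, exist_ok=True)
    q, r = root / "reqcache-queries", root / "reqcache"
    (q / "aaa111.query").write_text("query { users { id email } }")
    (r / "aaa111.json").write_text(
        json.dumps({"data": {"users": [{"id": 1, "email": "a@example.test"}]}}))
    (q / "bbb222.query").write_text("query { invoices { id } }")
    (r / "bbb222.json").write_text(json.dumps({"data": {"invoices": []}}))
    # ccc333 has no response file: erroneous responses are not saved.
    (q / "ccc333.query").write_text("query { auditLog { id } }")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for row in pair_results(tmp):
            print(row["id"], row["has_response"], row["fields"], row["empty"])
```

Point pair_results at the directory that contains the three output folders; adjust the stem matching if the real files are named differently.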
Tutorial
Copyright (c) 2023 cybervelia