This is the Linux app named GraphQLmap, whose latest release can be downloaded as GraphQLmapsourcecode.tar.gz. It can be run online on OnWorks, the free hosting provider for workstations.
Download this app named GraphQLmap and run it online with OnWorks for free.
Follow these instructions to run this app:
- 1. Download this application to your PC.
- 2. Open our file manager at https://www.onworks.net/myfiles.php?username=XXXXX with the username that you want.
- 3. Upload this application to that file manager.
- 4. Start the OnWorks Linux online, Windows online or macOS online emulator from this website.
- 5. From the OnWorks Linux OS you have just started, go to our file manager at https://www.onworks.net/myfiles.php?username=XXXXX with the username that you want.
- 6. Download the application, install it and run it.
DESCRIPTION:
GraphQLmap is a Python-based scripting engine designed to interact with GraphQL endpoints for penetration testing purposes. It can connect to a target GraphQL endpoint, dump the schema (if introspection is enabled), query it interactively, and fuzz fields for NoSQL/SQL injection vectors, thereby revealing hidden attack surfaces. GraphQL endpoints represent a relatively new attack vector compared to REST, and GraphQLmap helps bridge this gap by providing tooling tailored to the GraphQL paradigm. Because many modern applications adopt GraphQL for flexibility, this tool is useful when scanning and attacking API back ends where typical REST-based tools fall short. For a pentester, GraphQLmap speeds up discovery and exploitation workflows: you don't just test known endpoints; you enumerate the schema, fuzz fields, and chain queries. It offers a CLI, supports various HTTP methods, custom headers, and proxies, and is designed to work with real-world GraphQL deployments.
Features
- Schema dumping via introspection of GraphQL endpoints
- Interactive CLI to craft and execute GraphQL queries
- Field fuzzing for injection (NoSQL, SQL) within GraphQL fields
- Support for custom HTTP headers, different methods (GET/POST), and proxying
- Auto-completion and discovery features based on dumped schema
- Python script installable and runnable in command-line pentest workflows
Programming Language
Python
This is an application that can also be fetched from https://sourceforge.net/projects/graphqlmap.mirror/. It is hosted on OnWorks so that it can be run online in the easiest way from one of our free operating systems.