performing-graphql-security-assessment


Performing GraphQL Security Assessment

When to Use

  • During authorized penetration tests when the target application uses a GraphQL API
  • When assessing single-page applications (React, Vue, Angular) that communicate via GraphQL
  • For evaluating mobile app backends that expose GraphQL endpoints
  • When testing microservice architectures with a GraphQL gateway or federation
  • During bug bounty programs targeting GraphQL-based APIs

Prerequisites

  • Authorization: Written penetration testing agreement for the target
  • Burp Suite Professional: With InQL extension for GraphQL scanning
  • GraphQL Voyager: Schema visualization tool
  • InQL Scanner: Burp extension for GraphQL introspection and query generation
  • Altair GraphQL Client: Desktop GraphQL client for interactive testing
  • clairvoyance: GraphQL schema enumeration when introspection is disabled
  • curl: For manual GraphQL query submission

Installs: 30
GitHub Stars: 6.2K
First Seen: Mar 15, 2026