Damn Vulnerable GraphQL Application Versions Save

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

2.1.2

1 year ago

2.1.0

1 year ago

Added

Authentication and Authorization
New scenarios added

2.0.6

1 year ago

Added new solutions
Bug fixes

2.0.2

1 year ago

Added

Persist difficulty mode on header changes and global through the UI.

Fixed

Subscriptions are only called on private/public pages.
Fix autoload pastes

2.0.0

2 years ago

Added

Subscriptions
UI Improvements

1.3.4

2 years ago

Added SQL Injection Scenario

Changed Fixed an incorrect solution query

1.3.3

2 years ago

Added a client directive
Renamed field p_id to id
Consolidated audit funciton

1.3.2

2 years ago

Removed Relay
Updated solutions and fixed bugs

1.3.1

2 years ago

Add Reconnaissance section
- Detecting GraphQL
- Fingerprinting GraphQL

1.3.0

3 years ago

New Vulnerabilities DoS - Field Duplication Attack DoS - Alias based Attack

New Protections GraphQL Operation Name whitelisting

** Changes ** Removed the base64 encoding requirement in the cookie to bypass graphiql protection.