Skip to content

Releases: dolevf/Damn-Vulnerable-GraphQL-Application

2.1.2

12 Jul 15:13
da68382
Compare
Choose a tag to compare
Merge pull request #56 from dolevf/blackhatgraphql

Test, version

2.1.0

03 Jul 03:50
7eb17a0
Compare
Choose a tag to compare

Added

  • Authentication and Authorization
  • New scenarios added

2.0.6

08 Jun 13:56
fd99819
Compare
Choose a tag to compare
  • Added new solutions
  • Bug fixes

2.0.2

20 May 18:22
50fc7ee
Compare
Choose a tag to compare

Added

  • Persist difficulty mode on header changes and global through the UI.

Fixed

  • Subscriptions are only called on private/public pages.
  • Fix autoload pastes

2.0.0

04 Apr 02:23
b4dfa75
Compare
Choose a tag to compare

Added

  • Subscriptions
  • UI Improvements

1.3.4

26 Mar 04:25
5314143
Compare
Choose a tag to compare

Added
SQL Injection Scenario

Changed
Fixed an incorrect solution query

1.3.3

25 Mar 01:54
a325d76
Compare
Choose a tag to compare
  • Added a client directive
  • Renamed field p_id to id
  • Consolidated audit funciton

1.3.2

24 Feb 06:12
Compare
Choose a tag to compare
  • Removed Relay
  • Updated solutions and fixed bugs

1.3.1

11 Sep 05:16
Compare
Choose a tag to compare
  • Add Reconnaissance section
    • Detecting GraphQL
    • Fingerprinting GraphQL

1.3.0

18 Apr 01:50
Compare
Choose a tag to compare

New Vulnerabilities
DoS - Field Duplication Attack
DoS - Alias based Attack

New Protections
GraphQL Operation Name whitelisting

** Changes **
Removed the base64 encoding requirement in the cookie to bypass graphiql protection.