Releases: dolevf/Damn-Vulnerable-GraphQL-Application
Releases · dolevf/Damn-Vulnerable-GraphQL-Application
2.1.2
Merge pull request #56 from dolevf/blackhatgraphql
Test, version
2.1.0
Added
- Authentication and Authorization
- New scenarios added
2.0.6
- Added new solutions
- Bug fixes
2.0.2
Added
- Persist difficulty mode on header changes and global through the UI.
Fixed
- Subscriptions are only called on private/public pages.
- Fix autoload pastes
2.0.0
Added
- Subscriptions
- UI Improvements
1.3.4
Added
SQL Injection Scenario
Changed
Fixed an incorrect solution query
1.3.3
- Added a client directive
- Renamed field p_id to id
- Consolidated audit funciton
1.3.2
- Removed Relay
- Updated solutions and fixed bugs
1.3.1
- Add Reconnaissance section
- Detecting GraphQL
- Fingerprinting GraphQL
1.3.0
New Vulnerabilities
DoS - Field Duplication Attack
DoS - Alias based Attack
New Protections
GraphQL Operation Name whitelisting
** Changes **
Removed the base64 encoding requirement in the cookie to bypass graphiql protection.