Created by: noobie-boy
Advanced GraphQL Finder is a Python-powered tool designed to detect GraphQL endpoints from a list of domains. Whether you’re a penetration tester, bug bounty hunter, or cybersecurity enthusiast, this tool simplifies the discovery of GraphQL endpoints for further exploitation or analysis.
| Feature | Description |
|---|---|
| 🎯 Dynamic Input | Accepts the domain file name at runtime. |
| ⚡ Multithreading | Quickly scans multiple domains using concurrent threads. |
| 📡 Comprehensive Detection | Identifies GraphQL endpoints using a list of common paths and response checks. |
| 📝 Detailed Reports | Saves results to graphql_advanced_results.txt for easy review. |
| 🛠️ Customizable | Expandable endpoint list and adaptable headers for authentication. |
git clone https://github.com/kishanmca2024/Advanced-GraphQL-Finder.git
cd advanced-graphql-finderEnsure you have Python 3.x installed, then run:
pip install requestsCreate a file (e.g., domain.txt) with a list of domains to scan. Use one domain per line:
example.com
test.com
http://example.org
https://secure-site.net
Run the script using Python:
python interactive_graphql_finder.pyWhen prompted, enter the name of your domain file:
Enter the domain file name (e.g., domain.txt): domain.txt
The output will be saved in graphql_advanced_results.txt. Example output:
✅ http://example.com/graphql - GraphQL Found!
❌ http://example.com/api/graphql - No response
✅ https://secure-site.net/v1/graphql - GraphQL Found!
Edit the GRAPHQL_ENDPOINTS variable in the script to add additional paths:
GRAPHQL_ENDPOINTS = [
"/graphql", "/graphiql", "/api/graphql", "/v1/graphql", "/custom/graphql"
]Add authentication headers by modifying the headers dictionary:
headers = {
"User-Agent": "AdvancedGraphQLFinder/1.0",
"Authorization": "Bearer YOUR_ACCESS_TOKEN",
}- Change the
timeoutin therequests.getmethod to fit your network latency. - Modify the
max_workersparameter inThreadPoolExecutorfor faster or more granular performance.
| Feature | Advantage |
|---|---|
| GraphQL Path Discovery | Predefined paths ensure quick detection without manually guessing. |
| Threaded Scanning | Speeds up scanning of large domain lists with multithreading. |
| Error Handling | Gracefully handles non-responsive domains or missing files. |
| Customizable | Easily expandable for custom headers or paths. |
| Issue | Possible Cause | Solution |
|---|---|---|
FileNotFoundError |
Incorrect or missing domain file. | Ensure the file exists in the directory. |
| No endpoints detected | Rare or non-standard GraphQL paths. | Add custom paths to GRAPHQL_ENDPOINTS. |
| Slow scanning | Large domain list or network latency. | Increase max_workers or reduce timeout. |
- Save Time: Automates tedious GraphQL endpoint discovery.
- Boost Accuracy: Built-in signatures detect valid GraphQL endpoints.
- Improve Efficiency: Supports bulk scanning of domains effortlessly.
We welcome contributions!
- Fork this repository.
- Add new features or fix bugs.
- Submit a pull request for review.
This project is licensed under the MIT License.
noobie-boy is a passionate cybersecurity researcher and developer. Connect with me on GitHub or social media to share feedback, ideas, or collaborations!