📊GraphQL API Vulnerabilities
Enumerate GraphQL Endpoints
Universal Queries
Request
query{__typename}
Response
{"data": {"__typename": "query"}}
Common Endpoints
/graphql
/api
/api/graphql
/graphql/api
/graphql/graphql
Request Methods
GET: use a content-type of
x-www-form-urlencoded
POST: have a content-type of
application/json
Last updated
Was this helpful?