[addtool] InQL

[gwen001]

[link]https://github.com/doyensec/inql[/link] [short_descr]Burp Extension for GraphQL Security Testing.[/short_descr] [tags]burpsuite,graphql,scanner[/tags] [long_descr]A security testing tool to facilitate GraphQL technology security auditing efforts.

InQL can be used as a stand-alone script or as a Burp Suite extension.

Since version 1.0.0 of the tool, InQL was extended to operate within Burp Suite. In this mode, the tool will retain all the stand-alone script capabilities and add a handy user interface for manipulating queries.

Features:

• Search for known GraphQL URL paths
• Search for exposed GraphQL development consoles
• Use a custom GraphQL tab displayed on each HTTP request/response containing GraphQL
• Leverage the templates generation by sending those requests to Burp's Repeater tool
• Leverage the templates generation and editor support by sending those requests to embedded GraphIQL
• Configure the tool by using a custom settings tab[/long_descr]

[gwen001]

Issue correctly handled, tool is waiting for human validation.

[gwen001]

Tool has been accepted: https://offsec.tools/tool/inql

Thank you!