Utilise obtained names for probing

nikitastupin / clairvoyance

Obtain GraphQL API schema even if the introspection is disabled

Apache License 2.0

1.02k stars 92 forks source link

Utilise obtained names for probing #3

Open nikitastupin opened 3 years ago

nikitastupin commented 3 years ago

For example, we can break maxAtmospheringSpeed to max, maxAtmosphering, AtmospheringSpeed, max, Atmosphering and Speed names and use them for probing!

We can also add these to wordlist so they will be used in consequent probes 😃

Privat33r-dev commented 1 month ago

There might be a need for limitation and somewhat complex logic.

StUffLiKeThAt, whether poor naming or intentional, might make a ton of permutations. Interesting idea though.