Damn Vulnerable GraphQL Application

GraphQL has been a technology I’ve been focusing a lot on in my day job. GraphQL is a query language made by Facebook, and can be an alternative to REST.

I have spent quite some time researching how to defend GraphQL properly. My journey into researching GraphQL included searching for a Damn Vulnerable version of GraphQL, which didn’t exist, at least not one that covered all the major issues with GraphQL in a way that satisfied me.

Long story short, I created a Damn Vulnerable GraphQL Application that allows exploring GQL as a technology, while also providing a safe environment to attack a poorly implemented GraphQL setup. In addition, there’s a focus on educational content for defenders, suitable for both GQL experts and novices.

DVGA can be found on my GitHub.
