InQL - GraphQL Scanner

This extension is designed to assist in your GraphQL security testing efforts. It simplifies the identification of vulnerabilities within GraphQL endpoints by offering intuitive tools for schema analysis, query generation, and vulnerability detection. The main tool provided is a customizable scanner that analyzes a GraphQL endpoint or a local introspection schema file. It generates all possible queries and mutations, presenting them in an organized view for thorough analysis. Scanner results can be sent to Burp's Repeater or Intruder tools for further testing.

Features

  • Scanner: The core feature for analyzing GraphQL endpoints or introspection schema files. It auto-generates queries, mutations, and subscriptions, offering customizable scan options, including query depth, indentation, and points of interest analysis for detecting vulnerabilities. It also supports circular reference detection, enhanced Burp integration, and custom headers per domain for more precise testing.
  • Batch Queries: Run batch GraphQL attacks to test for rate limit bypasses and DoS vectors.
  • GraphQL Tab in Burp Message Editor: Visualize and modify GraphQL payloads directly within Burp's native HTTP message editor.
  • Schema Visualization: Send analyzed schemas to GraphiQL or GraphQL Voyager servers for enhanced analysis and visualization.

Scanner details

  • Customizable Scans: InQL offers the flexibility to customize your scans. Adjust the depth of generated queries or the number of spaces used for indentation. You can also perform "Points of Interest" scans to detect potential vulnerabilities in the GraphQL schema.
  • Points of Interest Analysis: After running a Points of Interest scan, you are presented with a rich data set covering a variety of potential vulnerabilities. You can enable or disable these categories according to your needs.
  • Circular References Detection: InQL implements circular reference detection. After analyzing the schema, it displays potentially vulnerable queries in the scanner results view.
  • Enhanced Interactions with Burp: InQL seamlessly integrates with Burp, enabling you to generate queries directly from any GraphQL request in Burp. You can also send auto-generated queries to other Burp tools for further analysis.
  • Custom Headers: You have the ability to set custom headers per domain, with the domain list auto-populated from observed traffic.

Author: Doyensec

Version: 6.0.0

Last updated: 22 May 2025

Estimated system impact

Overall impact: High
Memory: Low
CPU: Low
General: High
Scanner: Low

You can install BApps directly within Burp via the BApp Store feature in the Burp Extender tool, or download them from here for offline installation into Burp.

You can view the source code for all BApp Store extensions on our GitHub page.

Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.
