Invicti can detect GraphQL endpoints and libraries used in your web application.
GraphQL is a query language for APIs. The query language makes it easier and quicker to get data from a server to a client via an API call.
Invicti can detect GraphQL endpoints and libraries by sending specific queries to your web application.
- Invicti sends requests specific URL paths to identify a GraphQL endpoint.
- If Invicti identifies the endpoint, the scanner sends specific GraphQL queries to identify the library running behind.
Attackers can use this endpoint to stage attacks, thus securing GraphQL endpoints are critical. For further information, see Securing a GraphQL endpoint.
The GraphQL library detection is enabled by default. This article explains how to disable the library detection support.
Importing your GraphQL schema to identify vulnerabilities in your schema? See Scanning a GraphQL API for vulnerabilities.
GraphQL Detection Support fields
This table describes the fields in the GraphQL Detection Support panel.
Possible GraphQL Endpoint Paths
These are paths that Invicti searches for GraphQL Endpoints. You can add your endpoints by separating them with a comma.
Only Run On The Start Path
This lets you restrict the attacks to the start path only. If disabled, Invicti attacks every unique directory.
To deselect this security check, you need to create a custom scan policy. For further information about creating a custom policy, see Configuring Scan Policies.
How to disable the GraphQL Library Detection check in Invicti Enterprise
- Log in to Invicti Enterprise.
- From the main menu, select Policies > New Scan Policy.
- Select Security Checks.
- Deselect GraphQL Library Detection.
- Select Save.
How to disable the GraphQL Library Detection check in Invicti Standard
- Open Invicti Standard.
- From the Home tab, select Scan Policy Editor.
- From the Scan Policy Editor window, select New.
- Select OR Deselect GraphQL Library Detection.
- Select OK to save your custom scan policy.