
Scanning a GraphQL API for vulnerabilities

Netsparker scans GraphQL based application programming interfaces (APIs).

GraphQL, developed by Facebook in 2012 and released in 2015, is a query language for APIs. It makes it easier and quicker to get data from a server to a client via an API call.

  • GraphQL is designed to return clients exactly the data they request, which prevents large amounts of unneeded data from being returned.
  • It lets clients combine what would otherwise be several API requests into one more complex query, reducing the number of requests that must be made.
  • All input data is type-checked against a schema defined by the developer, which assists with data validation.

This topic explains how to import a GraphQL schema and scan your web application to identify vulnerabilities in GraphQL.

Key concepts in GraphQL

This is a list of key concepts in GraphQL.

  • Schema: A GraphQL schema is at the heart of any GraphQL server implementation. It describes the functionality available to the clients that connect to it.
  • Mutation: A GraphQL operation that creates, modifies, or destroys data.
  • Introspection: A special query that enables clients and tools to fetch a GraphQL server's complete schema.
  • Query: A read-only fetch operation to request data from a GraphQL service.

Scanning a GraphQL API for vulnerabilities

Netsparker supports scanning GraphQL-based APIs, reusing its existing web application security checks. To scan, you must first import the GraphQL schema into Netsparker. Netsparker then attacks the imported endpoints to identify the following vulnerabilities:

  • Blind Command Injection
  • Blind SQL Injection
  • Command Injection
  • Local File Inclusion
  • Out-of-Band Remote Code Execution
  • Server-side Request Forgery
  • Remote Code Execution
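As an added example (not Netsparker's own code, nor code from this page), the following Python script shows what the Introspection concept above and the schema import step amount to in practice: it carries the standard __schema introspection query, parses a constructed sample response shaped like the JSON a GraphQL server returns, and lists every query and mutation together with its typed arguments, which are the inputs a scanner tests once the schema is imported. A second helper reports whether introspection is exposed at all, a check worth running on production endpoints that should not publish their schema. The sample response and the type and operation names in it are constructed for illustration.

```python
"""Turn a GraphQL introspection result into the list of operations and typed
arguments a scanner works from. Added example; not Netsparker code."""
import json

# The standard __schema introspection query, trimmed to the fields needed
# here (a full client query also asks for enum values, input objects, etc.).
INTROSPECTION_QUERY = """
query IntrospectionQuery {
  __schema {
    queryType { name }
    mutationType { name }
    types {
      kind
      name
      fields {
        name
        args {
          name
          type { kind name ofType { kind name ofType { kind name } } }
        }
      }
    }
  }
}
"""

# Constructed sample response, shaped like a real server's JSON reply.
SAMPLE_RESPONSE = json.dumps({
    "data": {"__schema": {
        "queryType": {"name": "Query"},
        "mutationType": {"name": "Mutation"},
        "types": [
            {"kind": "OBJECT", "name": "Query", "fields": [
                {"name": "user", "args": [
                    {"name": "id", "type": {"kind": "NON_NULL", "name": None,
                        "ofType": {"kind": "SCALAR", "name": "ID", "ofType": None}}}]},
                {"name": "search", "args": [
                    {"name": "terms", "type": {"kind": "LIST", "name": None,
                        "ofType": {"kind": "NON_NULL", "name": None,
                            "ofType": {"kind": "SCALAR", "name": "String"}}}}]},
            ]},
            {"kind": "OBJECT", "name": "Mutation", "fields": [
                {"name": "exportReport", "args": [
                    {"name": "path", "type": {"kind": "SCALAR", "name": "String",
                                              "ofType": None}}]},
            ]},
            {"kind": "SCALAR", "name": "String", "fields": None},
            {"kind": "SCALAR", "name": "ID", "fields": None},
        ],
    }}
})


def type_signature(t):
    """Render a type reference in GraphQL syntax, e.g. ID! or [String!]."""
    if t["kind"] == "NON_NULL":
        return type_signature(t["ofType"]) + "!"
    if t["kind"] == "LIST":
        return "[" + type_signature(t["ofType"]) + "]"
    return t["name"]


def base_type(t):
    """Strip NON_NULL/LIST wrappers down to the named type a value must fit."""
    while t.get("ofType"):
        t = t["ofType"]
    return t["name"]


def list_operations(response_json):
    """Return {(operation_kind, field): [(arg, signature, base_type), ...]}.

    Each entry is one input surface: an operation and the arguments it takes.
    """
    schema = json.loads(response_json)["data"]["__schema"]
    roots = {}
    for key, kind in (("queryType", "query"), ("mutationType", "mutation")):
        if schema.get(key):
            roots[schema[key]["name"]] = kind
    ops = {}
    for t in schema["types"]:
        if t["name"] not in roots or not t.get("fields"):
            continue  # only the root Query/Mutation types carry operations
        for field in t["fields"]:
            ops[(roots[t["name"]], field["name"])] = [
                (a["name"], type_signature(a["type"]), base_type(a["type"]))
                for a in field.get("args", [])
            ]
    return ops


def introspection_enabled(response_json):
    """True if the reply carries a schema, i.e. introspection is exposed."""
    body = json.loads(response_json)
    return bool(body.get("data", {}).get("__schema"))


if __name__ == "__main__":
    for (kind, name), args in list_operations(SAMPLE_RESPONSE).items():
        params = ", ".join(f"{a}: {sig}" for a, sig, _ in args)
        print(f"{kind} {name}({params})")
```

Running the script prints one line per operation, such as `query search(terms: [String!])`; the base type column is what decides which payload family (string, ID, number) applies to each argument. To test a live endpoint, POST `{"query": INTROSPECTION_QUERY}` as JSON and pass the response body to the same functions.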

There are two ways to import a GraphQL schema: from a file or from a URL. Each is described in the following sections.

Importing the GraphQL schema from the file to Netsparker

How to import a GraphQL schema from a file in Netsparker Enterprise
  1. Log in to Netsparker Enterprise.
  2. From the main menu, select Scans > New Scan.
  3. From the Scan Settings section, select Links/API Definitions.
  4. From the From File section, select GraphQL Schema/Introspection.
  5. From the Add an URL dialog, enter the URL that has the GraphQL endpoints. Select OK.
  6. From the opened window, select the schema file. Then, select Open.
  7. Once the scanner has imported the schema, the imported endpoints appear in the Imported Links list.
  8. Select Launch to start scanning.

Importing the GraphQL schema from the URL to Netsparker

How to import a GraphQL schema from a URL in Netsparker Enterprise
  1. Log in to Netsparker Enterprise.
  2. From the main menu, select Scans > New Scan.
  3. From the Scan Settings section, select Links/API Definitions.
  4. From the From URL section, select GraphQL Schema/Introspection.
  5. From the Add an URL dialog, enter the GraphQL endpoint URL. If necessary, select Enable Custom Introspection Query to customize the introspection query that is sent.
  6. Select OK to import the definition from the URL into Netsparker.
  7. Select Launch to start scanning.