GraphQL API recon with mitmproxy

#ethicalhacking #cybersecurity #recon #graphql

Why?

Capturing live examples of GraphQL queries and responses all in one place vastly simplifies recon.

When?

You most want to do this when introspection is disabled. Otherwise when you need examples to help make sense of the API's semantics, or to develop a better intuition for where the weaknesses may be.

How?

This script works out-of-the-box for the majority scenario: POST requests to /graphql that use the operationName parameter.

mitmdump -s capture.py

capture.py:

import json
import re

from mitmproxy import http

def response(flow: http.HTTPFlow) -> None:
  if flow.request.url.endswith('/graphql'):
    payload = json.loads(flow.request.content.decode('utf-8'))
    filename = re.sub(r'[^a-zA-Z0-9]', '_', payload['operationName']) + '.example.txt'
    with open(filename, 'w') as f:
      json.dump(payload, fp=f, indent=2)
      f.write(f"\n\n// ==== REQUEST ====\n\n")
      f.write(f"{payload['query']}\n\n")
      f.write("// ==== RESPONSE ====\n\n")
      json.dump(json.loads(flow.response.content), fp=f, indent=2)

The Future of AI, LLMs, and Observability on Google Cloud

Datadog sat down with Google’s Director of AI to discuss the current and future states of AI, ML, and LLMs on Google Cloud. Discover 7 key insights for technical leaders, covering everything from upskilling teams to observability best practices

Learn More

DEV Community

GraphQL API recon with mitmproxy

Why?

When?

How?

The Future of AI, LLMs, and Observability on Google Cloud

Top comments (0)

The Next Generation Developer Platform

Read next

"Unlocking Efficiency: LServe's Breakthrough in Long-Sequence Language Models"

The Future of Server-Side WebAssembly

Art Blocks and the Future of Open Source with Blockchain

ReductStore v1.14.0 Released With Many Improvements