CTF Support
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. CTF Support
  2. /
  3. Web Exploitation
  4. /
  5. GraphQL
Edit page

GraphQL

Introduction

GraphQL APIs expose structured query endpoints that return data through flexible requests. If introspection is enabled, full schema and field enumeration becomes possible, a common web CTF vector.

Quick Reference

Task Example Payload
Enumerate schema {"query":"{__schema{types{name,fields{name}}}}"}
Query objects directly {"query":"{user(id:1){name,email}}"}

Tools

Tool Purpose
graphql-playground GUI for exploring endpoints
InQL Burp extension for GraphQL enumeration

Tips

  • Try POSTing {"query":"{__schema{types{name}}}"}, success means introspection is ON.
  • IDs and filters often leak internal logic (e.g., isAdmin, flag).