# GraphQL

[**GraphiQL**](https://github.com/graphql/graphiql)**:** GraphQL IDE monorepo; the in-browser IDE for writing and running queries against an endpoint.

![](https://4052868066-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWd-VcvRHVgUtkahm85%2F-MWzrkI4_pkT-s12lEXg%2F-MWzxGbcTsw1VEN7ot_d%2Fimage.png?alt=media\&token=fdebf16f-e122-487d-98a0-5a518b76d5cb)

[**GraphQLmap**](https://github.com/swisskyrepo/GraphQLmap)**:** a scripting engine to interact with a GraphQL endpoint for pentesting purposes.

[**InQL**](https://github.com/doyensec/inql) **+ Burp Suite:** InQL can be used as a stand-alone script or as a Burp Suite extension (available for both the Professional and Community editions).

![](https://4052868066-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWd-VcvRHVgUtkahm85%2F-MWzyKwcIKNMyNFqpjEV%2F-MWzymn1zYVDU75wjfMX%2Finql.gif?alt=media\&token=f29e8a3a-2098-48c6-8701-4f1339a85077)

{% tabs %}
{% tab title="Configuration Burpsuite" %}
![](https://4052868066-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWd-VcvRHVgUtkahm85%2F-MWzz5BckKTm3OxPko1V%2F-MX--czECRwHJ2q3EhMu%2Fimage.png?alt=media\&token=390cceb4-68a8-483b-8cdc-3bf53ab2dc99)

Add the Bearer token (`Authorization: Bearer <token>` header) so that the scanner's requests are authenticated.

![](https://4052868066-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWd-VcvRHVgUtkahm85%2F-MWzz5BckKTm3OxPko1V%2F-MX-050f6dSTlmR2TFvp%2Fimage.png?alt=media\&token=236404aa-5e29-4be1-b52d-2a778fb1cfc7)

Use the context menu to send the request to the Repeater (***inql: Send to GraphiQL***).

![](https://4052868066-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWd-VcvRHVgUtkahm85%2F-MWzz5BckKTm3OxPko1V%2F-MX-0a_TT6wDRiSIEVmI%2Fimage.png?alt=media\&token=faeca0fe-5cec-4ec6-b580-3fb4b39e0433)

![](https://4052868066-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWd-VcvRHVgUtkahm85%2F-MgFWjA20t8diKDtF1f2%2F-MgHreOpnoe2BXcuS_4a%2Fimage.png?alt=media\&token=2c3122e3-a643-46ed-ac3e-230aee1bccda)
{% endtab %}
{% endtabs %}
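What GraphQLmap and InQL automate first is schema introspection: send the standard `__schema` query, then walk the result to list every query and mutation with its argument and return types. The script below is an added example written for this page, not code from GraphQLmap, InQL or GraphiQL. The sample schema embedded in it is constructed so the parsing runs offline; the endpoint URL and token in `fetch_schema` are assumptions you replace with the target's.

```python
"""Added example: GraphQL introspection and operation enumeration.

Not from GraphQLmap/InQL/GraphiQL. SAMPLE_SCHEMA is a constructed
introspection response; fetch_schema() is the only part that touches
the network and is not needed for the offline demo.
"""
import json
import urllib.request
from typing import Dict, List, Optional

# Standard introspection query, trimmed to what operation enumeration needs.
INTROSPECTION_QUERY = """
query IntrospectionQuery {
  __schema {
    queryType { name }
    mutationType { name }
    types {
      kind name
      fields(includeDeprecated: true) {
        name
        args { name type { ...TypeRef } }
        type { ...TypeRef }
      }
    }
  }
}
fragment TypeRef on __Type {
  kind name
  ofType { kind name ofType { kind name ofType { kind name } } }
}
"""


def type_ref(t: Optional[dict]) -> str:
    """Render a nested __Type reference in GraphQL syntax, e.g. [User!]!."""
    if t is None:
        return "Unknown"
    kind = t.get("kind")
    if kind == "NON_NULL":
        return type_ref(t.get("ofType")) + "!"
    if kind == "LIST":
        return "[" + type_ref(t.get("ofType")) + "]"
    return t.get("name") or "Unknown"


def enumerate_operations(schema: dict) -> Dict[str, List[str]]:
    """Return {'query': [...], 'mutation': [...]} signatures from a __schema dict."""
    types = {t["name"]: t for t in schema.get("types", [])}
    result: Dict[str, List[str]] = {}
    for op, key in (("query", "queryType"), ("mutation", "mutationType")):
        root = schema.get(key)
        sigs: List[str] = []
        if root and root.get("name") in types:
            # Scalars and enums have fields == None, hence the `or []`.
            for f in types[root["name"]].get("fields") or []:
                args = ", ".join(
                    f"{a['name']}: {type_ref(a.get('type'))}" for a in f.get("args") or []
                )
                sig = f["name"] + (f"({args})" if args else "") + ": " + type_ref(f.get("type"))
                sigs.append(sig)
        result[op] = sigs
    return result


def fetch_schema(url: str, token: Optional[str] = None, timeout: float = 10.0) -> dict:
    """POST the introspection query to `url` (assumed endpoint) and return __schema.

    Raises if the server answers with `errors`, which is what a deployment
    with introspection disabled typically returns.
    """
    headers = {"Content-Type": "application/json"}
    if token:  # same Bearer header the Burp configuration above adds
        headers["Authorization"] = f"Bearer {token}"
    body = json.dumps({"query": INTROSPECTION_QUERY}).encode()
    req = urllib.request.Request(url, data=body, headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        reply = json.load(resp)
    if "errors" in reply:
        raise RuntimeError(f"introspection refused or failed: {reply['errors']}")
    return reply["data"]["__schema"]


# Constructed sample __schema, shaped like a real server's answer.
ID_NN = {"kind": "NON_NULL", "name": None, "ofType": {"kind": "SCALAR", "name": "ID", "ofType": None}}
SAMPLE_SCHEMA = {
    "queryType": {"name": "Query"},
    "mutationType": {"name": "Mutation"},
    "types": [
        {"kind": "OBJECT", "name": "Query", "fields": [
            {"name": "user", "args": [{"name": "id", "type": ID_NN}],
             "type": {"kind": "OBJECT", "name": "User", "ofType": None}},
            {"name": "users", "args": [],
             "type": {"kind": "NON_NULL", "name": None, "ofType": {
                 "kind": "LIST", "name": None, "ofType": {
                     "kind": "NON_NULL", "name": None, "ofType": {
                         "kind": "OBJECT", "name": "User", "ofType": None}}}}},
        ]},
        {"kind": "OBJECT", "name": "Mutation", "fields": [
            {"name": "deleteUser", "args": [{"name": "id", "type": ID_NN}],
             "type": {"kind": "SCALAR", "name": "Boolean", "ofType": None}},
        ]},
        {"kind": "SCALAR", "name": "ID", "fields": None},
    ],
}

if __name__ == "__main__":
    for op, sigs in enumerate_operations(SAMPLE_SCHEMA).items():
        print(op)
        for s in sigs:
            print("  ", s)
```

Against the sample this lists `user(id: ID!): User` and `users: [User!]!` under query and `deleteUser(id: ID!): Boolean` under mutation, which is the inventory you then feed into Repeater or GraphiQL. When the target has introspection disabled, `fetch_schema` raises instead of returning an empty schema, so a silent miss is not mistaken for "no mutations exist".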

## References

{% embed url="<https://busk3r.medium.com/hacking-graphql-for-fun-and-profit-part-1-understanding-graphql-basics-72bb3dd22efa>" %}

{% embed url="<https://busk3r.medium.com/hacking-graphql-for-fun-and-profit-part-2-methodology-and-examples-5992093bcc24>" %}
