| title | scan graphql |
|---|---|
| description | Scan a GraphQL endpoint for security vulnerabilities. |
Run security scans against a GraphQL endpoint, including checks for introspection exposure and other GraphQL-specific vulnerabilities.
vulnapi scan graphql <ENDPOINT> [flags]Accepts all common flags.
Scan a GraphQL endpoint with a bearer token
vulnapi scan graphql https://api.example.com/graphql \
-H "Authorization: Bearer <token>"Scan through a proxy
vulnapi scan graphql https://api.example.com/graphql \
-H "Authorization: Bearer <token>" \
--proxy http://localhost:8080Output results as JSON
vulnapi scan graphql https://api.example.com/graphql \
--report-format json \
--report-file report.json| Code | Meaning |
|---|---|
0 |
Scan completed successfully |
1 |
Fatal error (invalid URL, network failure, etc.) |
When a finding exceeds --severity-threshold, additional output is written to stderr. See exit behaviour.