scan graphql
Run security scans against a GraphQL endpoint, including checks for introspection exposure and other GraphQL-specific vulnerabilities.
vulnapi scan graphql <ENDPOINT> [flags]Accepts all common flags.
Examples
Section titled “Examples”Scan a GraphQL endpoint with a bearer token
vulnapi scan graphql https://api.example.com/graphql \ -H "Authorization: Bearer <token>"Scan through a proxy
vulnapi scan graphql https://api.example.com/graphql \ -H "Authorization: Bearer <token>" \ --proxy http://localhost:8080Output results as JSON
vulnapi scan graphql https://api.example.com/graphql \ --report-format json \ --report-file report.jsonExit codes
Section titled “Exit codes”| Code | Meaning |
|---|---|
0 | Scan completed successfully |
1 | Fatal error (invalid URL, network failure, etc.) |
When a finding exceeds --severity-threshold, additional output is written to stderr. See exit behaviour.