/vuln-graphql-api

A very vulnerable implementation of a GraphQL API.

Primary LanguageTypeScript

vuln-graphql-api

This fork of vulnerable-graphql-api simplifies and cleans up the Docker build for quick deployment and testing with docker-compose.

Docker Build

  • Make sure docker-compose is present on the system.
  • Set SERVER_PORT in the environment and run docker-compose up
docker-compose up

By default, the app will listen on port 3000.

open http://localhost:3000

GitHub Actions Workflow

A sample GitHub Actions workflow is available at stackhawk.d/.github/workflows/build-and-scan.yml. Move it to the standard location in .github/workflows to enable it.

StackHawk Example Configurations

Sample StackHawk configuration files are available under stackhawk.d.