GraphQL developer tool with metrics and security features

oslabs-beta/safeql
SafeQL

Developer Tool for GraphQL API Security and Performance Testing


Description

SafeQL is an easy-to-use web-based GUI for GraphQL API security and performance testing. It lets users test the performance of their GraphQL API by displaying a query's response time (upcoming metrics include status code, overhead, throughput, and load capacity). It also tests whether their GraphQL API is protected against DDoS attacks.

Users can keep track of all analytics run while exploring the API by sending it different kinds of data to see what values are returned.

Currently in Alpha.

Installation

  1. Fork this repo and clone it to your local machine.
  2. Run npm i to install dependencies.
  3. Run npm start dev.
  4. Visit localhost:3000.

No account is required to use the application, so you can jump right in. Because no data is saved after the session ends, your data is closed off from external influences, ensuring complete security and separation of concerns.

Now, let's test your endpoint!

Viewing Analytics Information

After opening the application you'll see three sections - an area to input the URL of the GraphQL API along with a code editor, another code editor, and the analytics sections.

Testing Response Time (upcoming features: Query Overhead, Status, Throughput, and Load)

Enter the URL of the GraphQL API and type in the query you want to test. Click Run to automatically run all associated tests.

Testing the security of your GraphQL API

Enter the URL of the GraphQL API. You don't need to enter a query string; if a query is entered, it won't affect the results. Select Security from the drop-down menu, then click the Submit button to determine if the query passes or fails the DoS test.



Testing the security of your schema

Once you click through to the Schema page, there is a code box for pasting in your schema securely, since your schema is only saved for the session. Submit your schema for an interactive table visualization that displays any types in the schema that allow a circular reference that could be exploited.
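The kind of circular-reference check described above can be sketched as follows. This is an added example, not SafeQL's own code: the function names `buildTypeGraph` and `findCycles`, the sample schema, and the simplified regex-based SDL reader are all assumptions made for illustration.

```javascript
// Added example, not SafeQL's implementation. The SDL reader is a simplified
// regex parser (assumption): object types only, one field per line.
const BUILTIN_SCALARS = new Set(['String', 'Int', 'Float', 'Boolean', 'ID']);

// Constructed sample schema: Author -> Post -> Author is a circular reference.
const SAMPLE_SDL = `
type Query {
  author(id: ID!): Author
}
type Author {
  name: String!
  posts(first: Int): [Post!]!
}
type Post {
  title: String
  author: Author!
}`;

// Map each object type to the set of non-scalar types its fields return.
function buildTypeGraph(sdl) {
  const graph = new Map();
  for (const [, name, body] of sdl.matchAll(/\btype\s+(\w+)[^{]*\{([^}]*)\}/g)) {
    const targets = new Set();
    for (const line of body.split('\n')) {
      const field = line.replace(/#.*/, '').replace(/\([^)]*\)/g, ''); // drop comments, args
      const m = field.match(/^\s*\w+\s*:\s*\[*\s*(\w+)/);
      if (m && !BUILTIN_SCALARS.has(m[1])) targets.add(m[1]);
    }
    graph.set(name, targets);
  }
  return graph;
}

// Depth-first search; a type already on the current path closes a cycle.
function findCycles(graph) {
  const cycles = [], done = new Set(), path = [];
  const visit = (node) => {
    const at = path.indexOf(node);
    if (at !== -1) { cycles.push([...path.slice(at), node]); return; }
    if (done.has(node) || !graph.has(node)) return;
    path.push(node);
    for (const next of graph.get(node)) visit(next);
    path.pop(); done.add(node);
  };
  for (const name of graph.keys()) visit(name);
  return cycles;
}

console.log(findCycles(buildTypeGraph(SAMPLE_SDL)).map((c) => c.join(' -> ')));
```

Types that appear in a reported cycle are the ones a server should cover with a query depth or complexity limit.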




Tech Stack

Frontend Development: nextJS, tailwind, react, webpack, babel
Backend Development: nodejs, express, graphql
Databases: postgresql
Programming Languages: javascript, typescript
Testing: jest, cypress
Other: jest

Read More

Read about us!!

Co-Creators

Victor He - GitHub | LinkedIn | Twitter
Collin Twibell - GitHub | LinkedIn
Etana Kopin - GitHub | LinkedIn
Mariko Iwata - GitHub | LinkedIn
Christopher Kim - GitHub | LinkedIn
