InQL Burp Suite Plugin Integration

[MindPatch]

Community Note:

Please vote on this issue by adding a 👍 reaction to the original post to help prioritize this request.
Please avoid leaving "+1" or "me too" comments, as they generate unnecessary noise for issue followers.

---

Description:

We would like to request the integration of the InQL GraphQL analyzer plugin into Burp Suite. InQL is a comprehensive tool for discovering and analyzing GraphQL queries, and integrating it directly into Burp Suite would enhance the GraphQL testing capabilities by:

• Automatically generating queries for introspection and enumeration of GraphQL schemas.
• Allowing users to analyze GraphQL API requests and responses natively in Burp Suite.
• Enabling schema-based fuzzing and security analysis without the need for external tools.

Use Cases:

• GraphQL API Testing: Users can enumerate GraphQL schema, find hidden types and fields, and generate queries directly within Burp Suite, simplifying the testing process for modern web applications utilizing GraphQL.

• Automated Query Generation: By automatically generating queries for introspection, testers can quickly identify potential vulnerabilities such as improper authorization, excessive data exposure, or information leaks.

• Advanced API Security Analysis: Integration with Burp Suite's other tools (e.g., Repeater, Intruder) allows for deeper API testing by chaining InQL’s results with Burp Suite’s existing capabilities. This will improve efficiency and provide a seamless workflow for testing GraphQL applications.