add agoo

dolevf · Apr 25, 2022 · 1538872 · 1538872
1 parent 6877e2c
commit 1538872
Show file tree

Hide file tree

Showing 5 changed files with 39 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -55,6 +55,7 @@ graphw00f currently attempts to discover the following GraphQL engines:
 * AWS AppSync
 * GraphQL Yoga - TypeScript
 * Lighthouse - PHP
+* Agoo - Ruby
 
 # GraphQL Technologies Defence Matrices
 Each fingerprinted technology (e.g. Graphene, Ariadne, ...) has an associated document ([example for graphene](https://github.com/dolevf/graphw00f/blob/main/docs/graphene.md)) which covers the security defence mechanisms the specific technology supports to give a better idea how the implementation may be attacked.

diff --git a/docs/agoo.md b/docs/agoo.md
@@ -0,0 +1,17 @@
+# Agoo
+
+# Table of Contents
+* [About](#About)
+* [Security Features](#Security-Features)
+
+# About
+A High Performance HTTP Server for Ruby
+
+# Security Features
+Agoo offers the following features:
+
+```
+| Field Suggestions | Query Depth Limit | Query Cost Analysis | Automatic Persisted Queries | Introspection      | Debug Mode     | Batch Requests                |
+|-------------------|-------------------|---------------------|-----------------------------|--------------------|----------------|-------------------------------|
+| Not Available     | Not Supported     | Not Supported       | Not Supported               | Enabled by Default | Off by Default | Not Supported (Array-based)   |
+```
diff --git a/graphw00f/helpers.py b/graphw00f/helpers.py
@@ -204,6 +204,12 @@ def get_engines():
       'url':'https://github.com/nuwave/lighthouse',
       'ref':'https://github.com/dolevf/graphw00f/blob/main/docs/lighthouse.md',
       'technology':['PHP']
+    },
+    'agoo':{
+      'name':'Agoo',
+      'url':'https://github.com/ohler55/agoo',
+      'ref':'https://github.com/dolevf/graphw00f/blob/main/docs/agoo.md',
+      'technology':['Ruby']
     }
   }
 

diff --git a/graphw00f/lib.py b/graphw00f/lib.py
@@ -43,6 +43,8 @@ def execute(self, url):
       return 'lighthouse'
     elif self.engine_graphql_yoga():
       return 'graphql_yoga'
+    elif self.engine_agoo():
+      return 'agoo'
     elif self.engine_dgraph():
       return 'dgraph'
     elif self.engine_graphene():
@@ -581,3 +583,15 @@ def engine_lighthouse(self):
       return True
 
     return False 
+
+  def engine_agoo(self):
+    query = '''
+      query { 
+        zzz 
+      }
+    '''
+    response = self.graph_query(self.url, payload=query)
+    if error_contains(response, 'eval error', part='code'):
+      return True
+
+    return False
diff --git a/version.py b/version.py
@@ -1 +1 @@
-VERSION = '1.1.0'
+VERSION = '1.1.1'