add directus, bump version

README.md

@@ -51,6 +51,7 @@ graphw00f currently attempts to discover the following GraphQL engines:
 * Strawberry - Python
 * Tartiflette - Python
 * Dgraph - JavaScript
+* Directus - TypeScript
 
 # GraphQL Technologies Defence Matrices
 Each fingerprinted technology (e.g. Graphene, Ariadne, ...) has an associated document ([example for graphene](https://github.com/dolevf/graphw00f/blob/main/docs/graphene.md)) which covers the security defence mechanisms the specific technology supports to give a better idea how the implementation may be attacked.
@@ -113,7 +114,7 @@ python3 main.py -f -t https://demo.hypergraphql.org:8484/graphql
                     |   Node Z   |
                     +------------+
 
-                graphw00f - v1.0.4
+                graphw00f - v1.0.7
           The fingerprinting tool for GraphQL
            Dolev Farhi <[email protected]>
 

docs/directus.md

@@ -0,0 +1,17 @@
+# Directus
+
+# Table of Contents
+* [About](#About)
+* [Security Features](#Security-Features)
+
+# About
+Directus is an open-source suite of software that wraps custom SQL databases with a dynamic API and intuitive Admin App. It allows both administrators and non-technical users to view and manage the content/data stored in pure SQL databases. It can be used as a headless CMS for managing project content, a database client for modeling and viewing raw data, or as customizable WebApp.
+
+# Security Features
+Directus offers the following features:
+
+```
+| Field Suggestions | Query Depth Limit  | Query Cost Analysis  | Automatic Persisted Queries | Introspection      | Debug Mode     | Batch Requests |
+|-------------------|--------------------|----------------------|-----------------------------|--------------------|----------------|----------------|
+|   On by Default   | No Support         |   No Support         |   No Support                | Enabled by Default | Off by Default |   No Support   |
+```

docs/graphql-php.md

@@ -1,4 +1,4 @@
-# ProductName
+# graphql-php
 
 # Table of Contents
 * [About](#About)

graphw00f/helpers.py

@@ -180,6 +180,12 @@ def get_engines():
       'url':'https://dgraph.io/',
       'ref':'https://github.com/dolevf/graphw00f/blob/main/docs/dgraph.md',
       'technology':['JavaScript']
+    },
+    'directus':{
+      'name':'Directus',
+      'url':'https://directus.io/',
+      'ref':'https://github.com/dolevf/graphw00f/blob/main/docs/directus.md',
+      'technology':['TypeScript']
     }
   }
 

graphw00f/lib.py

@@ -77,7 +77,8 @@ def execute(self, url):
       return 'strawberry'
     elif self.engine_tartiflette():
       return 'tartiflette'
-
+    elif self.engine_directus():
+      return 'directus'
     return None
 
   def graph_query(self, url, operation='query', payload={}):
@@ -534,3 +535,14 @@ def engine_dgraph(self):
       return True
 
     return False
+
+  def engine_directus(self):
+    query = ''
+
+    response = self.graph_query(self.url, payload=query)
+    errors = response.get('errors', [])
+    if response.get('errors', []):
+      if errors and errors[0].get('extensions', {}).get('code' '') == 'INVALID_PAYLOAD':
+        return True
+
+    return False

version.py

@@ -1 +1 @@
-VERSION = '1.0.6'
+VERSION = '1.0.7'