Add inigo signature

dolevf · Nov 28, 2024 · 52e25d3 · 52e25d3
1 parent c29656d
commit 52e25d3
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -68,6 +68,7 @@ graphw00f currently attempts to discover the following GraphQL engines:
 * pg_graphql - Rust
 * tailcall - Rust
 * Hot Chocolate - Microsoft .NET 
+* Inigo - Go
 
 # GraphQL Threat Matrix
 The graphw00f project uses the [GraphQL Threat Matrix Project](https://github.com/nicholasaleks/graphql-threat-matrix/) as its technology security matrix database. When graphw00f successfully fingerprints a GraphQL endpoint, it will print out the threat matrix document. This document helps security engineers to identify how mature the technology is, what security features it offers, and whether it contains any CVEs.

diff --git a/graphw00f/helpers.py b/graphw00f/helpers.py
@@ -296,6 +296,12 @@ def get_engines():
       'url':'https://chillicream.com/docs/hotchocolate/v13',
       'ref':'https://github.com/nicholasaleks/graphql-threat-matrix/blob/master/implementations/hotchocolate.md',
       'technology':['C#', '.NET']
+    },
+    'inigo':{
+      'name':'inigo',
+      'url':'https://inigo.io',
+      'ref':'https://github.com/nicholasaleks/graphql-threat-matrix/blob/master/implementations/inigo.md',
+      'technology':['Go']
     }
   }
 

diff --git a/graphw00f/lib.py b/graphw00f/lib.py
@@ -43,7 +43,9 @@ def check(self, url):
 
   def execute(self, url):
     self.url = url
-    if self.engine_lighthouse():
+    if self.engine_inigo():
+      return 'inigo'
+    elif self.engine_lighthouse():
       return 'lighthouse'
     elif self.engine_caliban():
       return 'caliban'
@@ -747,4 +749,18 @@ def engine_hotchocolate(self):
     if error_contains(response, 'The specified directive `aaa` is not supported by the current schema.'):
       return True
 
-    return False
+    return False
+
+  def engine_inigo(self):
+      query = '''
+      query  {
+          __typename
+        }
+      '''
+      response = self.graph_query(self.url, payload=query)
+      if 'extensions' in response and 'inigo' in response['extensions']:
+          return True
+
+      return False
+
+
diff --git a/version.py b/version.py
@@ -1 +1 @@
-VERSION = '1.1.18'
+VERSION = '1.1.19'