free security tools
← Back to tools

GraphQL Introspection Checker

Send an introspection query to a GraphQL endpoint and discover the schema. Useful for API recon and attack surface mapping. All processing client-side.

Result

Enter a GraphQL endpoint URL and click Check.

What is GraphQL Introspection?

Discover GraphQL schemas through introspection queries. Map types, queries, mutations, and subscriptions for API recon.

FAQ

What is GraphQL introspection?
Introspection is a built-in GraphQL feature that lets clients query the schema itself. It reveals all types, fields, and operations.
Why is introspection a security risk?
Introspection exposes the complete API structure to anyone. Attackers use it to find hidden queries, admin operations, and sensitive fields.

Related Tools