GraphQL Injection,Insecure Deserialization,Header Injection
// Some codeHere are the web security tools related to GraphQL Injection, Insecure Deserialization, and Header Injection:
### Header Injection
- [headi](https://github.com/mlcsec/headi) - Customizable and automated HTTP header injection.
### Insecure Deserialization
- [ysoserial](https://github.com/frohoff/ysoserial) - A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
- [GadgetProbe](https://github.com/BishopFox/GadgetProbe) - Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
- [ysoserial.net](https://github.com/pwntester/ysoserial.net) - Deserialization payload generator for a variety of .NET formatters
- [phpggc](https://github.com/ambionics/phpggc) - PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from the command line or programmatically.
### GraphQL Injection
- [inql](https://github.com/doyensec/inql) - InQL - A Burp Extension for GraphQL Security Testing
- [GraphQLmap](https://github.com/swisskyrepo/GraphQLmap) - GraphQLmap is a scripting engine to interact with a GraphQL endpoint for pentesting purposes.
- [shapeshifter](https://github.com/szski/shapeshifter) - GraphQL security testing tool
- [graphql_beautifier](https://github.com/zidekmat/graphql_beautifier) - Burp Suite extension to help make GraphQL requests more readable
- [clairvoyance](https://github.com/nikitastupin/clairvoyance) - Obtain GraphQL API schema despite disabled introspection!
Please note that these tools are intended for security testing purposes and should only be used on authorized systems.