[mderazon]

Looks like it's limited for Graphql ?

[shinymanu]

They started with GraphQL but after a while they also developed a security scanner for REST APIs that use OpenAPIs or Swagger[1].

[1] https://escape.tech/blog/rest-security-testing/

[glimow]

Thank you, yes, we originally supported GraphQL only and released REST scanning support a few months ago. We plan to support all types of APIs ultimately.