npm - @waftester/cli - Versions diffs - 2.8.0 - Mend

@waftester/cli 2.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (141) hide show

package/LICENSE +80 -0
package/LICENSE-COMMUNITY +28 -0
package/README.md +121 -0
package/bin/cli.js +152 -0
package/package.json +52 -0
package/payloads/community/README.md +45 -0
package/payloads/community/ai/ml-poisoning.json +173 -0
package/payloads/community/ai/prompt-injection.json +247 -0
package/payloads/community/ai/workflow-abuse.json +222 -0
package/payloads/community/auth/jwt.json +855 -0
package/payloads/community/auth/login-bypass.json +623 -0
package/payloads/community/auth/mfa.json +402 -0
package/payloads/community/auth/oauth.json +421 -0
package/payloads/community/auth/open-redirect.json +1028 -0
package/payloads/community/auth/session.json +404 -0
package/payloads/community/cache/deception.json +402 -0
package/payloads/community/cache/poisoning.json +403 -0
package/payloads/community/deserialization/gadget.json +375 -0
package/payloads/community/deserialization/prototype.json +370 -0
package/payloads/community/fuzz/content-type.json +397 -0
package/payloads/community/fuzz/headers.json +401 -0
package/payloads/community/fuzz/methods.json +397 -0
package/payloads/community/fuzz/obfuscation.json +362 -0
package/payloads/community/fuzz/special-chars.json +740 -0
package/payloads/community/fuzz/waf-bypass.json +452 -0
package/payloads/community/graphql/batching-abuse.json +271 -0
package/payloads/community/graphql/depth-limit.json +271 -0
package/payloads/community/graphql/introspection.json +267 -0
package/payloads/community/injection/crlf.json +569 -0
package/payloads/community/injection/ldap.json +357 -0
package/payloads/community/injection/nosqli.json +529 -0
package/payloads/community/injection/oscmd.json +662 -0
package/payloads/community/injection/rce-polyglots.json +452 -0
package/payloads/community/injection/sqli.json +681 -0
package/payloads/community/injection/ssti.json +584 -0
package/payloads/community/injection/upload-attacks.json +632 -0
package/payloads/community/injection/xpath.json +357 -0
package/payloads/community/injection/xxe.json +716 -0
package/payloads/community/logic/forced-browsing.json +405 -0
package/payloads/community/logic/idor.json +1026 -0
package/payloads/community/logic/privilege.json +337 -0
package/payloads/community/media/exif-injection.json +225 -0
package/payloads/community/media/metadata-poison.json +239 -0
package/payloads/community/protocol/http-smuggling.json +798 -0
package/payloads/community/protocol/http2-attacks.json +382 -0
package/payloads/community/protocol/websocket-abuse.json +375 -0
package/payloads/community/rate-limit/burst-simulation.json +286 -0
package/payloads/community/rate-limit/bypass-attempts.json +326 -0
package/payloads/community/rate-limit/zone-tests.json +332 -0
package/payloads/community/services/authentik.json +415 -0
package/payloads/community/services/immich.json +423 -0
package/payloads/community/services/n8n.json +366 -0
package/payloads/community/sqli-basic.json +182 -0
package/payloads/community/ssrf/cloud-metadata.json +999 -0
package/payloads/community/ssrf/dns-rebinding.json +503 -0
package/payloads/community/ssrf/internal-networks.json +627 -0
package/payloads/community/ssrf/protocol-smuggling.json +350 -0
package/payloads/community/ssti/multi-language-templates.json +191 -0
package/payloads/community/ssti/python-templates.json +200 -0
package/payloads/community/traversal/basic.json +675 -0
package/payloads/community/traversal/cloud-credentials.json +107 -0
package/payloads/community/traversal/config-files.json +193 -0
package/payloads/community/traversal/encoding.json +558 -0
package/payloads/community/traversal/null-byte.json +105 -0
package/payloads/community/traversal/symlink.json +93 -0
package/payloads/community/traversal/unicode.json +134 -0
package/payloads/community/traversal/unix-advanced.json +195 -0
package/payloads/community/traversal/windows-advanced.json +195 -0
package/payloads/community/waf-bypass/cloudflare-bypass.json +102 -0
package/payloads/community/waf-bypass/encoding-bypass.json +120 -0
package/payloads/community/waf-bypass/evasion-techniques.json +164 -0
package/payloads/community/waf-bypass/hpp-bypass.json +92 -0
package/payloads/community/waf-bypass/modsecurity-crs.json +220 -0
package/payloads/community/waf-bypass/protocol-attacks.json +101 -0
package/payloads/community/waf-bypass/sqlmap-tamper.json +252 -0
package/payloads/community/waf-bypass/unicode-charset.json +152 -0
package/payloads/community/waf-bypass/vendor-bypasses.json +72 -0
package/payloads/community/waf-validation/README.md +172 -0
package/payloads/community/waf-validation/bypass-techniques.json +272 -0
package/payloads/community/waf-validation/custom-rules.json +952 -0
package/payloads/community/waf-validation/evasion-techniques.json +272 -0
package/payloads/community/waf-validation/modsecurity-core.json +151 -0
package/payloads/community/waf-validation/owasp-top10.json +236 -0
package/payloads/community/waf-validation/regression-tests.json +227 -0
package/payloads/community/xss/csp-bypass.json +431 -0
package/payloads/community/xss/dom.json +389 -0
package/payloads/community/xss/filter-bypass.json +1242 -0
package/payloads/community/xss/mutation.json +263 -0
package/payloads/community/xss/polyglots.json +371 -0
package/payloads/community/xss/reflected.json +187 -0
package/payloads/community/xss/stored.json +330 -0
package/payloads/crlf-injection.json +182 -0
package/payloads/ids-map.json +155 -0
package/payloads/ldap-injection.json +182 -0
package/payloads/nosql-injection.json +227 -0
package/payloads/prototype-pollution.json +182 -0
package/payloads/request-smuggling.json +182 -0
package/payloads/version.json +28 -0
package/payloads/xss-advanced.json +227 -0
package/templates/README.md +221 -0
package/templates/nuclei/http/waf-bypass/crlf-bypass.yaml +146 -0
package/templates/nuclei/http/waf-bypass/lfi-bypass.yaml +152 -0
package/templates/nuclei/http/waf-bypass/nosqli-bypass.yaml +166 -0
package/templates/nuclei/http/waf-bypass/rce-bypass.yaml +171 -0
package/templates/nuclei/http/waf-bypass/sqli-basic.yaml +142 -0
package/templates/nuclei/http/waf-bypass/sqli-evasion.yaml +192 -0
package/templates/nuclei/http/waf-bypass/ssrf-bypass.yaml +130 -0
package/templates/nuclei/http/waf-bypass/ssti-bypass.yaml +147 -0
package/templates/nuclei/http/waf-bypass/xss-basic.yaml +163 -0
package/templates/nuclei/http/waf-bypass/xss-evasion.yaml +217 -0
package/templates/nuclei/http/waf-bypass/xxe-bypass.yaml +204 -0
package/templates/nuclei/http/waf-detection/akamai-detect.yaml +105 -0
package/templates/nuclei/http/waf-detection/aws-waf-detect.yaml +115 -0
package/templates/nuclei/http/waf-detection/azure-waf-detect.yaml +114 -0
package/templates/nuclei/http/waf-detection/cloudflare-detect.yaml +121 -0
package/templates/nuclei/http/waf-detection/modsecurity-detect.yaml +129 -0
package/templates/nuclei/workflows/waf-assessment-workflow.yaml +71 -0
package/templates/output/asff.tmpl +61 -0
package/templates/output/csv.tmpl +4 -0
package/templates/output/junit.tmpl +34 -0
package/templates/output/markdown-report.tmpl +92 -0
package/templates/output/slack-notification.tmpl +95 -0
package/templates/output/text-summary.tmpl +56 -0
package/templates/overrides/api-only.yaml +130 -0
package/templates/overrides/crs-tuning.yaml +204 -0
package/templates/overrides/false-positive-suppression.yaml +159 -0
package/templates/policies/owasp-top10.yaml +152 -0
package/templates/policies/pci-dss.yaml +124 -0
package/templates/policies/permissive.yaml +40 -0
package/templates/policies/standard.yaml +57 -0
package/templates/policies/strict.yaml +72 -0
package/templates/report-configs/compliance.yaml +173 -0
package/templates/report-configs/dark.yaml +136 -0
package/templates/report-configs/enterprise.yaml +175 -0
package/templates/report-configs/minimal.yaml +84 -0
package/templates/report-configs/print.yaml +139 -0
package/templates/workflows/api-scan.yaml +132 -0
package/templates/workflows/ci-gate.yaml +129 -0
package/templates/workflows/full-scan.yaml +133 -0
package/templates/workflows/quick-probe.yaml +80 -0
package/templates/workflows/waf-detection.yaml +89 -0

package/payloads/community/graphql/batching-abuse.json ADDED Viewed

@@ -0,0 +1,271 @@
+[
+  {
+      "id": "GQL-BATCH-001",
+      "payload": "[{\"query\": \"{ user { id } }\"}, {\"query\": \"{ user { id } }\"}, {\"query\": \"{ user { id } }\"}, {\"query\": \"{ user { id } }\"}, {\"query\": \"{ user { id } }\"}]",
+      "tags": [
+        "batching",
+        "multiple-ops",
+        "quick",
+        "critical"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "5 identical queries in single batch request",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-002",
+      "payload": "[{\"query\": \"{ user { id } }\"}, {\"query\": \"{ user { id } }\"}, {\"query\": \"{ user { id } }\"}, {\"query\": \"{ user { id } }\"}, {\"query\": \"{ user { id } }\"}, {\"query\": \"{ user { id } }\"}, {\"query\": \"{ user { id } }\"}, {\"query\": \"{ user { id } }\"}, {\"query\": \"{ user { id } }\"}, {\"query\": \"{ user { id } }\"}]",
+      "tags": [
+        "batching",
+        "dos",
+        "critical"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "10 queries in single batch (DoS amplification)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-003",
+      "payload": "{\"query\": \"{ a: user { id } b: user { id } c: user { id } d: user { id } e: user { id } f: user { id } g: user { id } h: user { id } i: user { id } j: user { id } }\"}",
+      "tags": [
+        "batching",
+        "alias-abuse",
+        "quick",
+        "critical"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "10 aliased identical queries in single operation",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-004",
+      "payload": "{\"query\": \"{ user1: user(id: 1) { id } user2: user(id: 2) { id } user3: user(id: 3) { id } user4: user(id: 4) { id } user5: user(id: 5) { id } user6: user(id: 6) { id } user7: user(id: 7) { id } user8: user(id: 8) { id } user9: user(id: 9) { id } user10: user(id: 10) { id } }\"}",
+      "tags": [
+        "batching",
+        "alias-enumeration"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "10 different user queries with aliases (ID enumeration)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-005",
+      "payload": "{\"query\": \"{ a: __schema { types { name } } b: __schema { types { name } } c: __schema { types { name } } d: __schema { types { name } } e: __schema { types { name } } }\"}",
+      "tags": [
+        "batching",
+        "introspection-spam"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "5 aliased introspection queries (amplification + info disclosure)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-006",
+      "payload": "[{\"query\": \"mutation { createPost(title: \\\"test1\\\") { id } }\"}, {\"query\": \"mutation { createPost(title: \\\"test2\\\") { id } }\"}, {\"query\": \"mutation { createPost(title: \\\"test3\\\") { id } }\"}, {\"query\": \"mutation { createPost(title: \\\"test4\\\") { id } }\"}, {\"query\": \"mutation { createPost(title: \\\"test5\\\") { id } }\"}]",
+      "tags": [
+        "batching",
+        "mutation-batch",
+        "critical"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "5 mutations in single batch (data modification amplification)",
+      "destructive": true,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-007",
+      "payload": "{\"query\": \"mutation { a: createPost(title: \\\"test1\\\") { id } b: createPost(title: \\\"test2\\\") { id } c: createPost(title: \\\"test3\\\") { id } d: createPost(title: \\\"test4\\\") { id } e: createPost(title: \\\"test5\\\") { id } }\"}",
+      "tags": [
+        "batching",
+        "aliased-mutations",
+        "critical"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "5 aliased mutations in single operation",
+      "destructive": true,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-008",
+      "payload": "{\"query\": \"{ users { a: id b: id c: id d: id e: id f: id g: id h: id i: id j: id } }\"}",
+      "tags": [
+        "batching",
+        "field-duplication"
+    ],
+      "expected_block": true,
+      "severity_hint": "Medium",
+      "notes": "Same field requested 10 times with different aliases",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-009",
+      "payload": "[{\"query\": \"{ user { posts { comments { id } } } }\"}, {\"query\": \"{ user { posts { comments { id } } } }\"}, {\"query\": \"{ user { posts { comments { id } } } }\"}]",
+      "tags": [
+        "batching",
+        "complex-ops"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "3 complex nested queries in single batch",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-010",
+      "payload": "{\"query\": \"query Op1 { user { id } } query Op2 { user { id } } query Op3 { user { id } } query Op4 { user { id } } query Op5 { user { id } }\"}",
+      "tags": [
+        "batching",
+        "multiple-named-ops"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "5 named operations in single query string",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-011",
+      "payload": "[{\"query\": \"{ user { id } }\", \"operationName\": \"Op1\"}, {\"query\": \"{ user { id } }\", \"operationName\": \"Op2\"}, {\"query\": \"{ user { id } }\", \"operationName\": \"Op3\"}]",
+      "tags": [
+        "batching",
+        "named-batch"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "3 named operations in batch array",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-012",
+      "payload": "{\"query\": \"{ a: user { friends { id } } b: user { friends { id } } c: user { friends { id } } d: user { friends { id } } e: user { friends { id } } }\"}",
+      "tags": [
+        "batching",
+        "relation-spam"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "5 aliased queries with expensive relations",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-013",
+      "payload": "{\"query\": \"fragment UserData on User { id email username } query { a: user { ...UserData } b: user { ...UserData } c: user { ...UserData } d: user { ...UserData } e: user { ...UserData } }\"}",
+      "tags": [
+        "batching",
+        "fragment-reuse"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "5 aliased queries reusing same fragment",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-014",
+      "payload": "{\"query\": \"{ user { a: posts { id } b: posts { id } c: posts { id } d: posts { id } e: posts { id } } }\"}",
+      "tags": [
+        "batching",
+        "subfield-aliases"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "Same subfield requested 5 times with aliases",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-015",
+      "payload": "[{\"query\": \"{ __typename }\"}, {\"query\": \"{ __typename }\"}, {\"query\": \"{ __typename }\"}, {\"query\": \"{ __typename }\"}, {\"query\": \"{ __typename }\"}, {\"query\": \"{ __typename }\"}, {\"query\": \"{ __typename }\"}, {\"query\": \"{ __typename }\"}, {\"query\": \"{ __typename }\"}, {\"query\": \"{ __typename }\"}]",
+      "tags": [
+        "batching",
+        "typename-spam"
+    ],
+      "expected_block": true,
+      "severity_hint": "Medium",
+      "notes": "10 __typename queries in batch (minimal payload amplification)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-016",
+      "payload": "{\"query\": \"{ a: user(id: 1) { b: friends { c: posts { d: comments { id } } } } e: user(id: 2) { f: friends { g: posts { h: comments { id } } } } }\"}",
+      "tags": [
+        "batching",
+        "overlapping-types",
+        "critical"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "2 deep nested queries with alias collision (overlapping User type)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-017",
+      "payload": "[{\"query\": \"subscription { userCreated { id } }\"}, {\"query\": \"subscription { userCreated { id } }\"}, {\"query\": \"subscription { userCreated { id } }\"}]",
+      "tags": [
+        "batching",
+        "subscription-spam"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "3 subscription operations in batch (connection exhaustion)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-018",
+      "payload": "{\"query\": \"query { a: search(query: \\\"test\\\") { id } b: search(query: \\\"test\\\") { id } c: search(query: \\\"test\\\") { id } d: search(query: \\\"test\\\") { id } e: search(query: \\\"test\\\") { id } }\"}",
+      "tags": [
+        "batching",
+        "search-amplification"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "5 aliased search queries (expensive operation amplification)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-019",
+      "payload": "[{\"query\": \"{ user { posts(first: 100) { id } } }\"}, {\"query\": \"{ user { posts(first: 100) { id } } }\"}, {\"query\": \"{ user { posts(first: 100) { id } } }\"}]",
+      "tags": [
+        "batching",
+        "pagination-abuse"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "3 batched queries with large pagination (300 total records)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-BATCH-020",
+      "payload": "{\"query\": \"{ a: user { id name email } b: user { id name email } c: user { id name email } d: user { id name email } e: user { id name email } f: user { id name email } g: user { id name email } h: user { id name email } i: user { id name email } j: user { id name email } k: user { id name email } l: user { id name email } m: user { id name email } n: user { id name email } o: user { id name email } }\"}",
+      "tags": [
+        "batching",
+        "extreme-aliasing",
+        "critical"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "15 aliased identical queries (extreme amplification)",
+      "destructive": false,
+      "category": "GraphQL"
+  }
+]

package/payloads/community/graphql/depth-limit.json ADDED Viewed

@@ -0,0 +1,271 @@
+[
+  {
+      "id": "GQL-DEPTH-001",
+      "payload": "{\"query\": \"{ user { posts { comments { author { posts { comments { author { id } } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "nested-query",
+        "quick",
+        "critical"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "6-level deep nested query (user->posts->comments->author->posts->comments->author)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-002",
+      "payload": "{\"query\": \"{ user { friends { friends { friends { friends { friends { id } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "recursive",
+        "quick"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "5-level recursive self-referencing query (friends of friends)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-003",
+      "payload": "{\"query\": \"{ user { posts { comments { replies { replies { replies { replies { replies { content } } } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "deep-nesting",
+        "critical"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "8-level deep comment thread traversal",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-004",
+      "payload": "{\"query\": \"{ organization { teams { members { organization { teams { members { id } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "circular"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "Circular query pattern (org->teams->members->org)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-005",
+      "payload": "{\"query\": \"{ a: user { b: friends { c: friends { d: friends { e: friends { f: friends { g: id } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "alias",
+        "quick"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "Deep nested query with field aliases",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-006",
+      "payload": "{\"query\": \"fragment DeepUser on User { friends { friends { friends { friends { id } } } } } query { user { ...DeepUser } }\"}",
+      "tags": [
+        "depth-limit",
+        "fragments"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "Deep nesting via fragment spread",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-007",
+      "payload": "{\"query\": \"fragment Level1 on User { friends { ...Level2 } } fragment Level2 on User { friends { ...Level3 } } fragment Level3 on User { friends { ...Level4 } } fragment Level4 on User { friends { id } } query { user { ...Level1 } }\"}",
+      "tags": [
+        "depth-limit",
+        "fragment-chain",
+        "critical"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "Chained fragment spreading for deep traversal",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-008",
+      "payload": "{\"query\": \"{ user { posts { author { posts { author { posts { author { posts { author { id } } } } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "bidirectional"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "8-level bidirectional traversal (user<->posts<->author)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-009",
+      "payload": "{\"query\": \"{ node(id: \\\"1\\\") { ... on User { friends { ... on User { friends { ... on User { friends { id } } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "inline-fragments"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "Deep nesting with inline fragment spreads",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-010",
+      "payload": "{\"query\": \"{ user { posts { comments { author { posts { comments { author { posts { comments { id } } } } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "extreme",
+        "critical"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "9-level deep query (should definitely exceed limits)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-011",
+      "payload": "{\"query\": \"{ user { followers { following { followers { following { followers { id } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "social-graph"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "Deep social graph traversal (followers/following chain)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-012",
+      "payload": "{\"query\": \"{ category { subcategories { subcategories { subcategories { subcategories { subcategories { name } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "hierarchy"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "6-level category hierarchy traversal",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-013",
+      "payload": "{\"query\": \"{ repository { forks { forks { forks { forks { forks { name } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "github-style"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "Deep fork traversal (GitHub-style schema)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-014",
+      "payload": "{\"query\": \"{ user { posts { comments { parent { parent { parent { parent { parent { id } } } } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "threaded"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "Deep threaded comment parent traversal",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-015",
+      "payload": "{\"query\": \"query DeepQuery { a: user { b: friends { c: posts { d: comments { e: author { f: friends { g: posts { h: id } } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "mixed-relations",
+        "critical"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "7-level deep query mixing different relation types with aliases",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-016",
+      "payload": "{\"query\": \"{ user { posts { comments { likes { user { posts { comments { id } } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "engagement"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "Deep engagement chain (user->posts->comments->likes->user)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-017",
+      "payload": "{\"query\": \"{ user @skip(if: false) { friends @skip(if: false) { friends @skip(if: false) { friends @skip(if: false) { friends { id } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "directive-bypass"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "Deep nesting with @skip directives (potential bypass attempt)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-018",
+      "payload": "{\"query\": \"{ viewer { organization { repository { pullRequest { comments { author { organization { repository { id } } } } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "github-api"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "Deep GitHub API-style nested query",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-019",
+      "payload": "{\"query\": \"{ user { posts(first: 1) { comments(first: 1) { replies(first: 1) { replies(first: 1) { replies(first: 1) { content } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "pagination-abuse"
+    ],
+      "expected_block": true,
+      "severity_hint": "High",
+      "notes": "Deep nesting with pagination arguments (still deep despite first: 1)",
+      "destructive": false,
+      "category": "GraphQL"
+  },
+  {
+      "id": "GQL-DEPTH-020",
+      "payload": "{\"query\": \"{ node(id: \\\"1\\\") { ... on User { friends { ... on User { friends { ... on User { friends { ... on User { friends { ... on User { id } } } } } } } } } } }\"}",
+      "tags": [
+        "depth-limit",
+        "polymorphic",
+        "critical"
+    ],
+      "expected_block": true,
+      "severity_hint": "Critical",
+      "notes": "5-level deep polymorphic inline fragment chain",
+      "destructive": false,
+      "category": "GraphQL"
+  }
+]