diff --git a/pentesting/pentesting-web/graphql.md b/pentesting/pentesting-web/graphql.md index ae8a06dd..d4c0df4d 100644 --- a/pentesting/pentesting-web/graphql.md +++ b/pentesting/pentesting-web/graphql.md @@ -58,6 +58,10 @@ The last code line is a graphql query that will dump all the meta-information fr If introspection is enabled you can use [**GraphQL Voyager**](https://github.com/APIs-guru/graphql-voyager) to view in a GUI all the options. +#### No Introspection + +More and more **graphql endpoints are disabling introspection**. However, the errors that graphql throws when an unexpected request is received are enough for tools like [**clairvoyance**](https://github.com/nikitastupin/clairvoyance) to recreate most part of the schema. + ### Quering Now that we know which kind of information is saved inside the database, let's try to **extract some values**.
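Review bot: the new "No Introspection" paragraph is vague about which errors make schema recovery possible; clairvoyance relies on the field-name suggestions that GraphQL validation errors carry ("Did you mean ...?"), so name that mechanism, and add the defender-side consequence that disabling introspection alone does not hide the schema unless those suggestions are disabled as well. Minor wording in the same line: "recreate most part of the schema" should read "recreate most of the schema", and since this hunk touches the surrounding section, the unchanged "### Quering" heading below it is a good moment to fix the typo to "Querying".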