digininja/nosqlilab
Stars: 119
Forks: 39
Pull Requests: 3
Issues: 2
Watchers: 6
Last Updated: 2020-07-22 15:58:49
A lab for playing with NoSQL Injection
License:
Languages: CSS, PHP, JavaScript, Shell, Hack
NoSQLi Lab
With the rise in popularity of NoSQL I figured it was time to build a lab so I could have a play with the different techniques used to attack them. This lab was the result.
Seeing as I've already played with Redis for some development work I decided to
go with MongoDB here. I have built two different scenarios in this lab, an
equivalent of the SQLi " or 1=1" vulnerability and also a new type of attack,
which is specific to NoSQL, script injection. I might add more later but these
were good for a start.
For more information see the full write up on my site: