https://github.com/cr0hn/nosqlinjection_wordlists
This repository contains payloads to test NoSQL injections
injection mongodb nosql-injections owasp payload wordlist
Last synced: 22 days ago
- Host: GitHub
- URL: https://github.com/cr0hn/nosqlinjection_wordlists
- Owner: cr0hn
- License: mit
- Created: 2016-09-20T10:27:57.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2021-05-05T08:26:14.000Z (almost 4 years ago)
- Last Synced: 2025-03-30T19:11:08.623Z (29 days ago)
- Topics: injection, mongodb, nosql-injections, owasp, payload, wordlist
- Size: 8.79 KB
- Stars: 356
- Watchers: 17
- Forks: 68
- Open Issues: 0
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
README
What's this repo?
=================

This repo aims to contain wordlists with payloads for NoSQL injections.

Support this project
====================

Support this project (to solve issues, add new features...) by using the GitHub "Sponsor" button.

What does it currently contain?
===============================

Currently it only has MongoDB payloads.

Can I contribute?
=================

Of course!! Your contributions are welcome. Send me a Pull Request.

References
==========

Here are some references that I found useful:

- https://arxiv.org/pdf/1506.04082.pdf
- https://pentesterlab.com/exercises/web_for_pentester_II/course
- https://ckarande.gitbooks.io/owasp-nodegoat-tutorial/content/tutorial/a1_-_sql_and_nosql_injection.html
- https://www.defcon.org/images/defcon-21/dc-21-presentations/Chow/DEFCON-21-Chow-Abusing-NoSQL-Databases.pdf
- https://www.imperva.com/blog/nosql-ssji-authentication-bypass/ for a PHP NoSQL authentication bypass
- https://gitlab.com/pentest-tools/PayloadsAllTheThings/tree/master/NoSQL%20Injection#authentication-bypass