{"id":4370,"date":"2017-08-23T07:42:18","date_gmt":"2017-08-23T02:12:18","guid":{"rendered":"https:\/\/qadit.com\/blog\/?p=4370"},"modified":"2017-08-23T07:42:18","modified_gmt":"2017-08-23T02:12:18","slug":"nosqlmap-automated-nosql-exploitation-tool","status":"publish","type":"post","link":"https:\/\/qadit.com\/blog\/nosqlmap-automated-nosql-exploitation-tool\/","title":{"rendered":"NoSQLMap \u2013 Automated NoSQL Exploitation Tool"},"content":{"rendered":"
\n

NoSQLMap is an open source Python-based automated NoSQL exploitation tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases. It is also intended to attack web applications using NoSQL in order to disclose data from the database.<\/p>\n

\"NoSQLMap<\/p>\n

Presently the tool\u2019s exploits are focused around MongoDB, but additional support for other NoSQL based platforms such as CouchDB, Redis, and Cassandra are planned in future releases.<\/p>\n

\n

<\/ins>\n<\/p>\n

<\/p>\n

A NoSQL (originally referring to \u201cnon SQL\u201d, \u201cnon-relational\u201d or \u201cnot only SQL\u201d) database provides a mechanism for storage and retrieval of data which is modelled by means other than the tabular relations used in relational databases. Such databases have existed since the late 1960s, but did not obtain the \u201cNoSQL\u201d moniker until a surge of popularity in the early twenty-first century, triggered by the needs of Web 2.0 companies such as Facebook, Google, and Amazon.com.<\/p>\n

NoSQL databases are increasingly used in big data and real-time web applications. NoSQL systems are also sometimes called \u201cNot only SQL\u201d to emphasize that they may support SQL-like query languages.<\/p>\n

Requirements<\/h3>\n

On a Debian or Red Hat based system, the setup.sh script may be run as root to automate the installation of NoSQLMap\u2019s dependencies.<\/p>\n

Varies based on features used:<\/p>\n