NoSQLi Lab

With the rise in popularity of NoSQL I figured it was time to build a lab so I could have a play with the different techniques used to attack them. This lab was the result.

Seeing as I've already played with Redis for some development work I decided to go with MongoDB here. I have built two different scenarios in this lab, an equivalent of the SQLi " or 1=1" vulnerability and also a new type of attack, which is specific to NoSQL, script injection. I might add more later but these were good for a start.

For more information see the full write up on my site:

NoSQLi Lab

Name		Name	Last commit message	Last commit date
Latest commit History 17 Commits
css		css
.dockerignore		.dockerignore
Dockerfile-mongo		Dockerfile-mongo
Dockerfile-web		Dockerfile-web
README-Docker.md		README-Docker.md
README-Vagrant.md		README-Vagrant.md
README.md		README.md
Vagrant.bootstrap.sh		Vagrant.bootstrap.sh
Vagrantfile		Vagrantfile
debug.php		debug.php
digininja_avatar.png		digininja_avatar.png
docker-compose.yml		docker-compose.yml
favicon.ico		favicon.ico
guess_the_key.php		guess_the_key.php
index.php		index.php
lab.js		lab.js
phpinfo.php		phpinfo.php
populate_db.php		populate_db.php
user_lookup.php		user_lookup.php

digininja/nosqlilab

Folders and files

Latest commit

History

Repository files navigation

NoSQLi Lab

About

Topics

Resources

Stars

Watchers

Forks

Languages