evilredis

LSE toolsLSE toolsevilredis (447)evilredis (447)

Tool and Usage

Project details

License
MIT
Programming language
Node.js
Author
Matias Insaurralde
Latest release
1.0.2
Latest release date

Project health

60
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Evilredis tool is an offensive security program for pentesting Redis databases. It can scan the target and perform different actions, like shutting down a Redis instance.

How it works

The evilredis tool sends commands to the Redis instance and sees how it responds. Based on that, an action might be successful or not.

Usage and audience

evilredis is commonly used for security assessment or vulnerability scanning. Target users for this tool are pentesters and security professionals.

Features

  • Command line interface

Example usage and output

== evilredis >:)

Syntax: evilredis [ target ] [ level = 0 ]
Ex. evilredis 192.168.0.0/24 1

- Level 0: quick scan, dump server info & keys
- Level 1: flushall
- Level 2: flushall & shutdown
- Level 3: root >:) (requires a pubkey)

Specify your pubkey after evilness level
Example: $ evilredis x.x.x.x 3 ~/.ssh/id_rsa.pub

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code of this software is available

Author and Maintainers

Evilredis is under development by Matias Insaurralde.

Installation

Supported operating systems

Evilredis is known to work on Linux.

Dependencies

Several dependencies are required to use evilredis.

  • Redis
  • async
  • cidr-js
  • ipv4list

evilredis alternatives

Similar tools to evilredis:

63

Oscanner

Oscanner is an Oracle assessment framework to perform enumeration on Oracle installations. It is written in Java and provides a graphical overview of findings.

60

TheDoc

TheDoc is a tool written in shell-script to automate the usage of sqlmap. It comes with a built-in admin finder and hash cracker, using the Hashcat tool.

89

sqlmap

The sqlmap performs automatic SQL injection and can take over a database. It is a valued tool for pentesters and those who want to test their web applications.

All evilredis alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information