Tool and Usage
|Latest release||0.5 |
Why this tool?
NoSQLMap is designed to audit database, as well to automate injection attacks. It can exploit configuration weaknesses in NoSQL databases and web applications using NoSQL.
In 2017, Michael Skelton took over ownership of the project from Russell Butturini.
NoSQLMap is named after the popular sqlmap tool, based on the work of Bernardo Damele and Miroslav's Stampar. The concepts are based on Ming Chow's presentation at Defcon 21 (Abusing NoSQL Databases).
Usage and audience
NoSQLMap is commonly used for database security, penetration testing, or security assessment.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + More than 10 contributors
- + More than 500 GitHub stars
- + The source code of this software is available
Supported operating systems
NoSQLMap is known to work on Linux.
Similar tools to NoSQLMap:
jSQL Injection is a security tool to test web applications. It can be used to discover if an application is vulnerable to SQL injection attacks.
Acra is a database encryption proxy that provides encryption and data leakage prevention to applications. Read how it works in this review.
Evilredis tool is an offensive security program for pentesting Redis databases. It can scan the target and perform different actions on it. Read how it works in this review.
Found an improvement? Help the community by submitting an update.
Related tool information
This tool is categorized as a database security tool.