LSE toolsLSE toolsNoSQLMap (443)NoSQLMap (443)

Tool and Usage

Project details
Programming languagePython
AuthorRussell Butturini
Latest release0.5 []

Project health

This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

NoSQLMap is designed to audit database, as well to automate injection attacks. It can exploit configuration weaknesses in NoSQL databases and web applications using NoSQL.

Background information

In 2017, Michael Skelton took over ownership of the project from Russell Butturini.

NoSQLMap is named after the popular sqlmap tool, based on the work of Bernardo Damele and Miroslav's Stampar. The concepts are based on Ming Chow's presentation at Defcon 21 (Abusing NoSQL Databases).

Usage and audience

NoSQLMap is commonly used for database security, penetration testing, or security assessment.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + More than 10 contributors
  • + More than 500 GitHub stars
  • + The source code of this software is available

Author and Maintainers

NoSQLMap was created by Russell Butturini.


Supported operating systems

NoSQLMap is known to work on Linux.

NoSQLMap alternatives

Similar tools to NoSQLMap:


jSQL Injection

jSQL Injection is a security tool to test web applications. It can be used to discover if an application is vulnerable to SQL injection attacks.



Acra is a database encryption proxy that provides encryption and data leakage prevention to applications. Read how it works in this review.



Evilredis tool is an offensive security program for pentesting Redis databases. It can scan the target and perform different actions on it. Read how it works in this review.

All NoSQLMap alternatives

Found an improvement? Help the community by submitting an update.

Related tool information


This tool is categorized as a database security tool.