A FrameWork For NoSQL Scanning and Exploitation Framework
NoSQL Exploitation Framework 1.0 Released
- NoSQL Exploitation Framework Authored By Francis Alexander
- First Ever Tool With Added Support For Mongo,Couch,Redis,H-Base,Cassandra
- Support For NoSQL WebAPPS
- Added payload list for JS Injection,Web application Enumeration.
- Scan Support for Mongo,CouchDB and Redis
- Dictionary Attack Support for Mongo,Cocuh and Redis
- Enumeration Module added for the DB's,retrieves data in db's @ one shot.
- Currently Discover's Web Interface for Mongo
- Shodan Query Feature
- MultiThreaded IP List Scanner
- Dump and Copy Database features Added for CouchDB
- Sniff for Mongo,Couch and Redis
- Run chmod+x install.sh nosqlmap.py
- ./install.sh
- nosqlexp.py -h (For Help Options)
- nosqlexp.py -ip localhost -scan
- nosqlexp.py -ip localhost -dict mongo -file b.txt
- nosqlexp.py -ip localhost -enum couch
- nosqlexp.py -ip localhost -enum redis
- nosqlexp.py -ip localhost -clone couch
- nosqlexp.py -ip localhost -webapp "web_app_link"
- Added Scan and Enumerate Support for Riak,Neo04j and other DB's
- Dump and Clone for Mongo and Redis
- Web Interface attack and Fuzz Platform
- Plse report any bugs or queries @ helofrancis@gmail.com