nosqli v0.5.4 releases: NoSql Injection CLI tool

NoSQL Injector

NoSQL scanner and injector.

It aims to be fast, accurate, and highly usable, with an easy to understand command-line interface.

Features

Nosqli currently supports nosql injection detection for Mongodb. It runs the following tests:

• Error based – inject a variety of characters and payloads, searching responses for known Mongo errors
• Boolean Blind injection – inject parameters with true/false payloads and attempt to determine if an injection exists
• Timing injection – attempt to inject timing delays in the server, to measure the response.

Changelog v0.5.4

• Includes bug fix for open file error.

Install

If you prefer to build from source, or there isn’t a compiled binary for your platform, you can do so by cloning the repository, installing dependencies, and building the project manually. This will require a recent Go version and the appropriate GOPATH environment variable.

$ git clone https://github.com/Charlie-belmer/nosqli
$ cd nosqli
$ go get ./..
$ go install

Download the latest binary version for your OS, and install it in your path, or run from a local folder.

Use

Copyright (C) 2020 Charlie-belmer

Source: https://github.com/Charlie-belmer/