nosqli
A fast NoSQL scanner and injector. For finding sites vulnerable to NoSQL injection, Mongo in particular.
Details
Category: Vulnerabilities
Publisher: trickest
Created Date: 9/7/2021
Container: quay.io/trickest/nosqli:6fce3eb
Source URL: https://github.com/Charlie-belmer/nosqli
Parameters
data
string
Command:
--data
- Specify default post data (should not include any injection strings)https
boolean
Command:
--https
- Always send requests as HTTPS (Defaults to HTTP when using request files)proxy
string
Command:
--proxy
- Proxy requests through this proxy URL.config
file
Command:
--config
- config filetarget
string
requiredCommand:
--target
- Target url eg. http://site.com/page?arg=1request
file
Command:
--request
- Load in a request from a file, such as a request generated in Burp or ZAP.user-agent
string
Command:
--user-agent
- Specify a user agent