GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
Check your WAF before an attacker does
A Python Framework For NoSQL Scanning and Exploitation
Using this script, you can enumerate Usernames and passwords of Nosql(mongodb) injecion vulnerable web applications.
NoSQL Injection Tool to bypass login forms & extract usernames/passwords using regular expressions.
Manipulate a hidden API endpoint to change product pricing using HTTP method tampering and JSON injection, exposing a critical authorization flaw.
A automation suite
NoSQLInsanity: Tool for Security Assesment NoSQL (Linear Search VS Binary Search)
F-14 Tomcat: An advanced, high-speed NoSQL injection framework. Features WAF evasion (JA3/TLS impersonation), binary search extraction, and auto-authentication.
The Backend Storage 🏬 Repository is a collection of resources and solutions for managing and storing data on the backend. This repository covers a range of storage solutions, including Relational databases, NoSQL databases, object storage, file storage, and cache storage.
Multi-database NoSQL injection scanner supporting MongoDB, Redis, Cassandra, and Elasticsearch with 150+ attack payloads and database cloning.
Add a description, image, and links to the nosql-injection topic page so that developers can more easily learn about it.
To associate your repository with the nosql-injection topic, visit your repo's landing page and select "manage topics."