Question 1

How to install NoSQLMap on Kali Linux?

Accepted Answer

You can run the setup.sh script as root for automated dependency installation, or use Docker with 'docker build -t nosqlmap .' for a containerized setup, as described in the README. Ensure Python 2.7 is available.

Question 2

NoSQLMap vs sqlmap: which should I use for NoSQL databases?

Accepted Answer

Use NoSQLMap specifically for NoSQL databases like MongoDB, as it's designed for NoSQL injection and configuration weaknesses, while sqlmap targets SQL databases. NoSQLMap extends concepts from sqlmap but focuses on the NoSQL ecosystem.

Question 3

How to clone a MongoDB database using NoSQLMap?

Accepted Answer

Set the target host and local Mongo IP in the options menu, then select DB access attacks to clone the database. This requires a local MongoDB instance running, as per the setup instructions in the README.

Question 4

Does NoSQLMap support Redis injections?

Accepted Answer

No, currently NoSQLMap only supports MongoDB and CouchDB, with Redis and Cassandra planned for future releases, so it's not suitable for Redis audits at this time.

Question 5

How to automate NoSQLMap attacks in a script?

Accepted Answer

Use the command-line arguments like --attack and --victim to script attacks, as demonstrated in the example scripts for testing vulnerable applications. This allows integration into automated security testing workflows.

Question 6

What are common vulnerabilities NoSQLMap can exploit?

Accepted Answer

NoSQLMap targets injection flaws and default configuration weaknesses in NoSQL databases and web applications, such as those in MongoDB and CouchDB, based on features like automated enumeration and database cloning.

NoSQLMap

What is NoSQLMap?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions