Skip to content
/ Burp-NoSQLiScanner Public

This extension provides a way to discover NoSQL injection vulnerabilities.

License

GPL-3.0 license
23 stars 7 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

matrix/Burp-NoSQLiScanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
src/burp
src/burp
 
 
.gitignore
.gitignore
 
 
BUILD.md
BUILD.md
 
 
BappDescription.html
BappDescription.html
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.gradle
build.gradle
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

Burp NoSQLi Scanner

Currently Burp doesn't have an engine that detects NoSQL Injection, so I created this plugin to add support
using my preferred language, Java (it's a joke, it's a trap) :D
Happy pentest :)

Limitations

1 - Parallel scanning of multiple parameter at once is not supported for now.
Consequently, at the moment the plugin does not detect derived problems, such as authentication bypass.

2 - No tab in the Burp UI for now.

I'm lazy, but sooner or later I will resolve all two :)

3 - Exploiting is not supported, do it manually if needed.

Building

Refer to BUILD.md for instructions on how to build it from source.

About

This extension provides a way to discover NoSQL injection vulnerabilities.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

23 stars

Watchers

2 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages