A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Russell Butturini (@tcstoolHax0r): Making Mongo Cry: Automated NoSQL exploitation with NoSQLMap (BSides Nashville 2014) (Hacking Illustrated Series InfoSec Tutorial Videos)

Russell Butturini (@tcstoolHax0r): Making Mongo Cry: Automated NoSQL exploitation with NoSQLMap
BSides Nashville 2014
http://bsidesnash.org

This presentation will discuss some of the inherent security flaws and weaknesses in NoSQL databases, with a particular interest and focus on MongoDB. The presentation will examine how NoSQL databases work, where configuration weaknesses exist "out of the box", and how web applications using NoSQL backends can be exploited. NoSQLMap, a Python tool written for automatically stealing data from NoSQL databases and applications, will also be demoed.

Back to BSides Nashville 2014 list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast