Training
NoSQL Injection
Training Overview
The "NoSQL Injection" training comprehensively teaches how injection attacks in NoSQL databases work and how to protect against these attacks. The training starts with the structure of NoSQL databases and covers the fundamental principles of NoSQL Injection attacks and commonly used attack methods.
What You Will Learn
- The fundamental differences between SQL and NoSQL databases.
- How to identify and exploit NoSQL injection vulnerabilities.
- How to perform time-based blind NoSQL injection attacks.
- Best practices for preventing NoSQL injection in applications.
Who is this for?
- Web Penetration Testers.
- Developers working with NoSQL databases (e.g., MongoDB, CouchDB).
- Application Security Specialists.
Prerequisites
- Understanding of web application architecture.
- Familiarity with JavaScript and JSON is highly beneficial.
- Experience with a web proxy like Burp Suite.
Tools You Will Use
- Burp Suite
- A web browser
- NoSQLMap (Conceptual)
Training Sections
- Introduction
- NoSQL Databases
- NoSQL Injection
- Time Based NoSQL Injection
- Preventing NoSQL Injection Vulnerabilities
- Exam