homepage
Open menu
Contact Sales

Modern Web Application Penetration Testing Part 3, NoSQL injection with MongoDB

NoSQL injection, what it is and what it means in modern web application penetration testing. SQL Injection in relational databases is a well understood and yet still common threat. Modern applications call for modern web application penetration testing techniques, NoSQL can mean NoSecure. Many modern applications can use alternative databases for storage and retrieval, one example is MongoDB which is part of the MEAN stack. This discussion will cover NoSQL injection, a relatively new attack technique that is as damaging, and not as well known. We will do a live demonstration of the attack using nothing but a web browser and a vulnerable application!

View the rest of this series here:

Modern Web Application Penetration Testing Part 1, XSS and XSRF Together

Modern Web Application Penetration Testing Part 2, Hash Length Extension Attacks

Login to Register

Related Content

Blog
N2C_blog_image.png
Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)
A Visual Summary of SANS New2Cyber Summit 2024
Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024
370x370-person-placeholder.png
Alison Kim
read more
Blog
HackFest_blog_image.png
Offensive Operations, Pen Testing, and Red Teaming, Open-Source Intelligence (OSINT), Penetration Testing and Red Teaming
A Visual Summary of SANS HackFest Summit
Check out these graphic recordings created in real-time throughout the event for SANS HackFest Summit 2023
370x370-person-placeholder.png
Alison Kim
read more
Blog
Offensive Operations, Pen Testing, and Red Teaming, Penetration Testing and Red Teaming
SEC670 Prep Quiz Answers
Answers for the SEC670 Prep Quiz. For more details about the course and the quiz, please clickthrough to see the quiz article.
370x370_jonathan-reiter.jpg
Jonathan Reiter
read more