Tag Archives | mongodb security




NoSQLMap – Automated NoSQL MongoDB Exploitation Tool

NoSQLMap is an open source Python-based automated NoSQL MongoDB exploitation tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases. It is also intended to attack web applications using NoSQL in order to disclose data from the database. What is NoSQLMap? Presently the tool’s exploits are […]

Topic: Database Hacking

mongoaudit – MongoDB Auditing & Pen-testing Tool

mongoaudit is a CLI tool for MongoDB auditing of servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB’s default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB […]

Topic: Countermeasures, Database Hacking, Security Software

Another MongoDB Hack Leaks Two Million Recordings Of Kids

No surprises here, but there’s been another big MongoDB hack and from the looks of it, it’s been owned for quite some time. This time 2 million records from over 820,000 accounts have been leaked due to yet another default MongoDB installation with no authentication listening on the public IP address. The terrible part is, […]

Topic: Database Hacking, Exploits/Vulnerabilities

MongoDB Ransack – Over 33,000 Databases Hacked

Ah our favourite database in the news again, being hailed as the MongoDB Ransack a whole bunch of people have turned the insecure MongoDB default configuration into a ransom opportunity. They are deleting/stealing databases and soliciting bitcoin payments to return the data. With multiple actors doing the same stuff though it’s hard to know who […]

Topic: Database Hacking, Privacy

BeautifulPeople.com Leak Exposes 1.1M Extremely Private Records

So another data breach, and no surprise here, but another dating site. This time the BeautifulPeople.com Leak has exposed 1.1 million customer records, including 15 million private messages sent between users. Not so private now is it. And no surprise either the entry point for this leak, was the not-so excellent NoSQL database MongoDB which […]

Topic: Exploits/Vulnerabilities, Privacy, Web Hacking

Popular Tags

computer-security · darknet · ddos · dos · exploits · fuzzing · google · hacking-networks · hacking-websites · hacking-windows · hacking tool · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · pen-testing · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · windows · windows-security · Windows Hacking · worms · XSS ·