YoVDO

Pentesting NoSQL DB's Using NoSQL Exploitation Framework

Offered By: 44CON Information Security Conference via YouTube

Tags

44CON Courses Javascript Courses Ethical Hacking Courses MongoDB Courses Redis Courses NoSQL Databases Courses Database Security Courses

Course Description

Overview

Explore pentesting techniques for NoSQL databases in this 36-minute conference talk from 44CON Information Security Conference. Delve into the security implications of NoSQL adoption, focusing on MongoDB, CouchDB, and Redis. Learn about injection attacks, JavaScript exploitation, and automated testing using the NoSQL Exploitation Framework. Discover architectural vulnerabilities, attack vectors, and security issues specific to each database type. Gain insights into database cloning, enumeration attacks, and denial of service techniques. Understand the importance of securing NoSQL implementations and stay updated on emerging threats in this rapidly evolving field.

Syllabus

Intro
Agenda
No Sequel Databases
Why NoSQL
NoSQL Snapshot
NoSQL Key Points
MongoDB
Architecture
JavaScript
Mapping
Demo
Database Object in Mongo
JavaScript Techniques
JavaScript Injection Attacks
Saving JavaScript
Load JavaScript Function
Associative Array
Resource Exceptional MongoDB
CouchDB
CouchDB Architecture
CouchDB Attacks
Admin Parties
Cross Side Port Attack
Enumeration Attack
PHP on Couch
Query
All Docs
Redis
Redis Key Features
Attacks
Lua Scripting
Key Points
Script Kill
Denial of Service Attack
Rename Command
Rewrite Command
Enumeration
Security Issues
Source Command
Java
NoSQL
NoSQL Framework
Key Features
Database Cloning
Future Updates


Taught by

44CON Information Security Conference

Related Courses

Déployez des applications dans le cloud avec IBM Bluemix
IBM via OpenClassrooms
Big Data Applications: Real-Time Streaming
Yandex via Coursera
Introduction to Redis Data Structures
Redis University via Independent
Redis for Java Developers
Redis University via Independent
Redis for JavaScript Developers
Redis University via Independent