- https://www.owasp.org/index.php/Testing_for_NoSQL_injection
- http://blog.websecurify.com/2014/08/hacking-nodejs-and-mongodb.html
- http://www.nosqlmap.net/
- https://media.blackhat.com/bh-us-11/Sullivan/BH_US_11_Sullivan_Server_Side_WP.pdf
- http://2012.zeronights.org/includes/docs/Firstov%20-%20Attacking%20MongoDB.pdf
- http://ieee-security.org/TC/SPW2015/W2SP/papers/W2SP_2015_submission_11.pdf
- http://tinple.io/tech/mongo-security-part-two
- http://blog.websecurify.com/2014/08/attacks-nodejs-and-mongodb-part-to.html
- Using https://en.wikipedia.org/wiki/Rainbow_table
- http://www.reddit.com/r/netsec/
- https://thecodebarbarian.wordpress.com/2014/09/04/defending-against-query-selector-injection-attacks/
- http://docs.mongodb.org/manual/administration/security-checklist/
- http://sakurity.com/blog/2015/06/04/mongo_ruby_regexp.html
- http://software-talk.org/blog/2015/02/mongodb-nosql-injection-security/
- https://github.com/shirishp/NoSQLInjectionDemo
- https://blogs.adobe.com/security/files/2011/04/NoSQL-But-Even-Less-Security.pdf
- http://www.slideshare.net/44Con/pentesting-nosql-dbs-with-nosql-exploitation-framework
- http://www.irongeek.com/i.php?page=videos/derbycon4/t504-nosql-injections-moving-beyond-or-11-matt-bromiley
- http://www.nosqlmap.net/
- http://www.rapid7.com/db/modules/auxiliary/gather/mongodb_js_inject_collection_enum
- http://nosql.mypopescu.com/post/14453905385/attacking-nosql-and-node-js-server-side
- https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/mongodb_js_inject_collection_enum.rb
- http://www.fidelissecurity.com/files/NDFInsightsWhitePaper.pdf
- http://opensecurity.in/nosql-exploitation-framework/
- http://nosqlproject.com/
- http://nosqlproject.com/docs.htm
- https://github.com/torque59/Nosql-Exploitation-Framework
- https://www.trustwave.com/Resources/SpiderLabs-Blog/Mongodb—Security-Weaknesses-in-a-typical-NoSQL-database/
The post MongoDB Injection (Security) appeared first on MongoDB Developer.