GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → eversinc33 → Papaya

eversinc33 / Papaya

Licence: other
NoSQL Injection Tool to bypass login forms & extract usernames/passwords using regular expressions.

Programming Languages

python
139335 projects - #7 most used programming language

Labels

securitymongodbnosqlbruteforcewebappnosql-injectionlogin-bypassmongodb-injection

Projects that are alternatives of or similar to Papaya

gorm-neo4j
GORM for Neo4j
Stars: ✭ 16 (-27.27%)
Mutual labels:  nosql
authorizer
Your data, your control. Fully open source, authentication and authorization. No lock-ins. Deployment in Railway in 120 seconds || Spin a docker image as a micro-service in your infra. Built in login page and Admin panel out of the box.
Stars: ✭ 770 (+3400%)
Mutual labels:  nosql
uptasticsearch
An Elasticsearch client tailored to data science workflows.
Stars: ✭ 47 (+113.64%)
Mutual labels:  nosql
unqlite.rs
UnQLite wrapper 1.0 is avaliable for Rust
Stars: ✭ 99 (+350%)
Mutual labels:  nosql
Noodle
Simple object storage for Android
Stars: ✭ 55 (+150%)
Mutual labels:  nosql
cordova-plugin-realm
Unofficial Cordova plugin for Realm Mobile Database.
Stars: ✭ 29 (+31.82%)
Mutual labels:  nosql
nedb-repl
The command-line tool for NeDB
Stars: ✭ 19 (-13.64%)
Mutual labels:  nosql
objectbox-generator
ObjectBox Generator based on FlatBuffers schema files (fbs) for C and C++ (more languages in the future)
Stars: ✭ 30 (+36.36%)
Mutual labels:  nosql
lmdb-js
Simple, efficient, ultra-fast, scalable data store wrapper for LMDB
Stars: ✭ 270 (+1127.27%)
Mutual labels:  nosql
psolving-paradigms
Common problems of dynamic programming methods and techniques, including prerequisites, for competitive programmers.
Stars: ✭ 34 (+54.55%)
Mutual labels:  bruteforce
soda-for-java
SODA (Simple Oracle Document Access) for Java is an Oracle library for writing Java apps that work with JSON (and not only JSON!) in the Oracle Database. SODA allows your Java app to use the Oracle Database as a NoSQL document store.
Stars: ✭ 61 (+177.27%)
Mutual labels:  nosql
boxer
Boxer: A fast directory bruteforce tool written in Python with concurrency.
Stars: ✭ 15 (-31.82%)
Mutual labels:  bruteforce
location-api-sl
This API can be use to all developers to get location details of Sri Lanka 🇱🇰 including major cities, sub areas, districts and Provinces. ⛳️
Stars: ✭ 35 (+59.09%)
Mutual labels:  nosql
workshop-intro-to-cassandra
Learn Apache Cassandra fundamentals in this hands-on workshop
Stars: ✭ 208 (+845.45%)
Mutual labels:  nosql
Crackerjack
Multiprocessing brute-force script written in Python 3
Stars: ✭ 22 (+0%)
Mutual labels:  bruteforce
Public-Transport-SP-Graph-Database
Metropolitan Transport Network from São Paulo mapped in a NoSQL graph database.
Stars: ✭ 25 (+13.64%)
Mutual labels:  nosql
dynobase
Dynobase - Professional GUI Client for DynamoDB (releases / issues / roadmap repository) https://dynobase.dev
Stars: ✭ 66 (+200%)
Mutual labels:  nosql
chainDB
A noSQL database based on blockchain technology
Stars: ✭ 13 (-40.91%)
Mutual labels:  nosql
Brutegram
Instagram multi-bruteforce Platfrom
Stars: ✭ 183 (+731.82%)
Mutual labels:  bruteforce
miki
Wiki system in PHP+NoDB in just one file. 10s setup + auto-installed. Full Markdown support. Super fast and lightweight (-0.01MB gzip). Multi-User support. Minimal and beautiful.
Stars: ✭ 25 (+13.64%)
Mutual labels:  nosql
View All Similar Projects ➔

Papaya

screenshot

Papaya is a tool to test if a MongoDB/NoSQL-based web application is vulnerable to a basic nosql injection on POST login forms, including tests for password and username extraction.

The attack works by injecting nosql's $regex and $eq operators on passwords and usernames.

Usage

python3 papaya.py TARGET_URL
  • test for vulnerability
  • if application is vulnerable, search for a string that is unique in the positive response and set it as the identifier
  • choose an attack

Dependencies

pip install -r requirements.txt
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].