NOSQL INJECTION - OWASP - Javascript read query string param

[Pages:29]NOSQL INJECTION

FUN WITH OBJECTS AND ARRAYS

Patrick Spiegel

1

MOTIVATION

... with MongoDB we are not building queries

from strings, so traditional SQL injection attacks

are not a problem.

- MongoDB Developer FAQ

2

AGENDA

Scope Attacker Model

Attacks Mitigation

3

SCOPE

4.1

SCOPE - DATABASES

Database Type

Ranking

Document store

5.

Key-value store

9.

Key-value cache

23.

Document store

26.

4.2

SCOPE - DATABASES

4.3

SCOPE - TECHNOLOGY STACK

What do we have to consider for NoSQL Injection?

DATABASES

APPLICATION SERVERS

DATABASE DRIVERS

FRAMEWORKS

~ 64 TECHNOLOGY STACKS

4.4

ATTACKER MODEL

5.1

................
................

In order to avoid copyright disputes, this page is only a partial summary.

To fulfill the demand for quickly locating and searching documents.

It is intelligent file search solution for home and business.

Literature Lottery

Related download

ogscript reference guide ross video
fastscript 1 9 scripting library fast report
developing acrobat applications using javascript adobe inc
arcgis api for javascript client side mapping and analytics esri
specifying data ampl
javascript the strings object tutorials point
sugi 25 the sas substr function a beginner s tutorial
10 1 the common gateway interface 10 2 cgi linkage
nosql injection owasp
the basics declaring parameters and variables in ampl

NOSQL INJECTION - OWASP

Javascript read query string param

To fulfill the demand for quickly locating and searching documents.

Related download

Related searches