MongoAttack

基于python2.7.x 的mongoDB攻击工具(参考NoSQLMap)

Generate Convert Improve

Install / Use

/learn @sixwha1e/MongoAttack

About this skill

Quality Score

0/100

README

MongoAttack

基于python2.7.x 的mongoDB攻击工具

Usage

Start:

配置文件修改：
mongoattack/Lib/setting.py

$ cd mongoattack/
$ python mongoattack.py

Required:

colorama (0.3.7)
shodan (1.6.4) 
requests (2.13.0) 
pymongo (3.4.0) [本地要装mongoDB]

效果图:

Status：

Done：

shodan 扫描mongo主机
指定主机进行列库列集合
克隆指定数据库
GET型url参数注入
POST型注入(初上线)

Todo：

~~--inject 模块~~
~~POST型注入 (doing)~~
......( 暂时还没想好有想法的同学可以私聊 prpr

bug肯定是有的一点一点de (= =b

email: wjsixwhale#gmail.com

Related Skills

feishu-drive

347.6k

things-mac

347.6k

Manage Things 3 via the `things` CLI on macOS (add/update projects+todos via URL scheme; read/search/list from the local Things database)

clawhub

347.6k

Use the ClawHub CLI to search, install, update, and publish agent skills from clawhub.com

codebase-memory-mcp

1.2k

High-performance code intelligence MCP server. Indexes codebases into a persistent knowledge graph — average repo in milliseconds. 66 languages, sub-ms queries, 99% fewer tokens. Single static binary, zero dependencies.

sixwha1e

View profile

View on GitHub

GitHub Stars9

CategoryData

Updated7mo ago

Forks4

sixwha1e/MongoAttack

Languages

Python

Security Score

62/100

Audited on Aug 15, 2025

No findings