mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing.
Installing
Clone this repository and run the setup:
> git clone https://github.com/stampery/mongoaudit.git
> cd mongoaudit
> python setup.py install
> mongoaudit
Introduction
MongoDB's default configuration is well known to leave several security holes open (no authentication, listening on every interface, no TLS). Combined with administrators and developers who deploy it with those defaults unchanged, this led to the wave of compromised servers that the press called the MongoDB apocalypse.
mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them, recommends best practices and teaches you how to DevOp like a pro!
This is what the app looks like:
Supported tests
- MongoDB listens on a port different from the default one (27017)
- Server only accepts connections from whitelisted hosts / networks
- MongoDB HTTP status interface is not accessible on port 28017
- MongoDB is not exposing its version number
- MongoDB version is newer than 2.4
- TLS/SSL encryption is enabled
- Authentication is enabled
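The configuration-side checks in the list above (default port, bind address, HTTP status interface, TLS, authentication) can be reproduced offline against a mongod.conf. The script below is an added example and is not mongoaudit's own code: it parses the indentation-based subset of YAML that mongod.conf uses (nested keys with scalar values, so no third-party YAML library is needed), evaluates each check, and reports the failures. The option names (net.port, net.bindIp, net.bindIpAll, net.http.enabled, net.tls.mode / net.ssl.mode, security.authorization) are real mongod options; the two sample configs are constructed for this example. The two version checks cannot be read from a config file, so only a helper for the "newer than 2.4" comparison is included, to be fed the version string obtained from the server.

```python
"""Offline audit of a mongod.conf against the mongoaudit checks listed above.

Added example, not mongoaudit's own code. The sample configs are constructed.
"""

WEAK_CONF = """\
# constructed sample: the defaults that got many exposed servers compromised
storage:
  dbPath: /var/lib/mongodb
net:
  port: 27017
  bindIp: 0.0.0.0
  http:
    enabled: true
"""

HARDENED_CONF = """\
# constructed sample: the settings the checks above want to see
storage:
  dbPath: /var/lib/mongodb
net:
  port: 27117
  bindIp: 127.0.0.1,10.0.0.5
  tls:
    mode: requireTLS
    certificateKeyFile: /etc/ssl/mongod.pem
security:
  authorization: enabled
"""


def _scalar(value: str):
    """Coerce a YAML scalar: booleans and integers, everything else stays a string."""
    low = value.lower()
    if low in ("true", "false"):
        return low == "true"
    try:
        return int(value)
    except ValueError:
        return value.strip("'\"")


def parse_conf(text: str) -> dict:
    """Parse the indentation-based key/value subset of YAML used by mongod.conf.

    Lists, anchors and multi-line scalars are not supported; mongod.conf rarely
    uses them. Comments and blank lines are skipped.
    """
    root: dict = {}
    stack = [(-1, root)]  # (indent, mapping) pairs; root can never be popped
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        value = value.strip()
        while stack[-1][0] >= indent:  # climb back up to the enclosing mapping
            stack.pop()
        parent = stack[-1][1]
        if value == "":
            child: dict = {}
            parent[key] = child
            stack.append((indent, child))
        else:
            parent[key] = _scalar(value)
    return root


def lookup(conf: dict, dotted: str, default=None):
    """Fetch a dotted option such as 'net.tls.mode', or default when absent."""
    node = conf
    for part in dotted.split("."):
        if not isinstance(node, dict) or part not in node:
            return default
        node = node[part]
    return node


def audit(conf: dict) -> list:
    """Return one finding per failed check; an empty list means everything passed."""
    findings = []
    # mongod listens on 27017 unless net.port is set
    if lookup(conf, "net.port", 27017) == 27017:
        findings.append("net.port: listening on the default port 27017")
    # bindIp is a comma-separated list; 0.0.0.0 / :: or bindIpAll means "every host"
    addrs = {a.strip() for a in str(lookup(conf, "net.bindIp", "127.0.0.1")).split(",")}
    if lookup(conf, "net.bindIpAll") is True or addrs & {"0.0.0.0", "::"}:
        findings.append("net.bindIp: accepting connections from any host or network")
    # the legacy HTTP status interface listens on port + 1000, i.e. 28017
    if lookup(conf, "net.http.enabled") is True:
        findings.append("net.http.enabled: HTTP status interface exposed on port 28017")
    # net.ssl.* is the pre-4.2 spelling of net.tls.*
    mode = lookup(conf, "net.tls.mode") or lookup(conf, "net.ssl.mode")
    if mode not in ("requireTLS", "requireSSL"):
        findings.append("net.tls.mode: TLS/SSL not required for client connections")
    # authorization is disabled unless explicitly enabled
    if lookup(conf, "security.authorization") != "enabled":
        findings.append("security.authorization: authentication is not enabled")
    return findings


def version_newer_than_2_4(version: str) -> bool:
    """True when the server's reported version lies beyond the 2.4 series."""
    major, minor = (int(p) for p in version.split(".")[:2])
    return (major, minor) > (2, 4)


if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(f"[{name}] {len(audit(parse_conf(text)))} finding(s)")
        for f in audit(parse_conf(text)):
            print("  -", f)
```

The parser deliberately fails loud on anything it does not understand (a list item would become a key named "- foo"), which is preferable to silently passing a config it could not actually read; run it on a real mongod.conf and read the findings rather than trusting an empty result from a file that used YAML features outside the supported subset.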
Author
Oh, awesome stuff! This kind of thing is necessary, as this suffered from a breach once, right? So this is a necessary measure to take.
Hope this is really good!