This extension provides a way to discover NoSQL injection vulnerabilities.
GPL-3.0 License
Currently Burp doesn't have an engine that detects NoSQL Injection, so I created this plugin to add support using my preferred language, Java (it's a joke, it's a trap) :D Happy pentest :)
1 - Parallel scanning of multiple parameter at once is not supported for now. Consequently, at the moment the plugin does not detect derived problems, such as authentication bypass.
2 - No tab in the Burp UI for now.
I'm lazy, but sooner or later I will resolve all two :)
3 - Exploiting is not supported, do it manually if needed.
Refer to BUILD.md for instructions on how to build it from source.