Ventral DigitalAboutAboutDonateDonateRSSRSS (opens in a new tab)
  • Categories
      • Why Does RSA Actually Work?
      • Applied Elliptic Curve Cryptography
      • Blind Signatures
      • Ring Signatures
      • Borromean Ring Signatures
      • Confidential Transaction Values
      • Zerocoin Protocol
      • Sigma Protocol(s)
      • Bulletproof Range Proofs
      • Lelantus
      • Exploiting EC-Recover For Efficient Borromean Ring Signatures
      • CryptoHack CTF: Key Takeaways
        • Ethereum 101 Quiz
        • Solidity 101 Quiz
        • Solidity 201 Quiz
        • Security Pitfalls & Best Practices 101 Quiz
        • Security Pitfalls & Best Practices 201 Quiz
        • Audit Techniques & Tools 101 Quiz
        • Audit Findings 101 Quiz
        • Audit Findings 201 Quiz
        • CARE: Sushi's BentoBox Strategies
        • RACE #0
        • RACE #1
        • RACE #2
        • RACE #3
        • RACE #4
        • RACE #5
        • RACE #6
        • RACE #7
        • RACE #8
        • RACE #9
        • RACE #10
        • RACE #11
        • RACE #12
        • RACE #13
        • RACE #14
        • RACE #15
        • RACE #16
        • RACE #17
        • RACE #18
        • RACE #19
        • RACE #20
        • RACE #21
        • RACE #22
        • RACE #23
        • RACE #24
        • RACE #25
        • RACE #26
        • RACE #27
        • RACE #28
        • RACE #29
        • RACE #30
        • RACE #31
        • RACE #32
        • RACE #33
        • RACE #34
        • RACE #35
        • RACE #36
      • Fuzzing Complex Projects With Echidna: Sushi's BentoBox
      • Fuzzing For Memory Bugs In Solidity
      • Fuzzing Vyper Contracts Using Foundry
      • Differential Fuzzing On Solidity Fixed-Point Libraries
        • 2021 - Write-Up #1
        • 2021 - Write-Up #2
        • 2022 - Electric Sheep
        • 2022 - Trapdooor & Trapdoooor
        • Setup And Challenges 1 To 4
        • #5 The Rewarder
        • #6 Selfie
        • #7 Compromised
        • #8 Puppet
        • #9 Puppet V2
        • #10 Free Rider
        • #11 Backdoor
        • #12 Climber
        • #13 Junior Miners
        • Learning Ethereum Virtual Machine Opcodes With EVM Puzzles
        • EVM Puzzles – Second Wind
        • More EVM Puzzles - Part 1
        • More EVM Puzzles - Part 2
        • More EVM Puzzles - Part 3
        • More EVM Puzzles - Part 4
        • #26 DoubleEntryPoint
        • 2022 Stanford
        • 2023 DeFi Security Summit
      • EKO2022 Blockchain CTF
      • SZNS’ BountyBoard: Unauthorized TransferFrom Vulnerability
      • 2022
      • 2023
    • Solidity Cheatsheet (opens in a new tab)
      • Practical GrapheneOS for the Paranoid
      • Inter Profile Sharing (opens in a new tab)
      • NoSQL Operator Injection
        • Iterating Collections
        • Cracking Sessions
        • Mitigation
      • S3 API Compatibility On Microsoft Azure
      • Input Validation with AJV
      • Input Validation With JSON Schemas: Best Practices
      • HTTP/JS-Double-Cookies Against CSRF And Session Theft
    • Cracking A Very Old Monero Wallet
Suggest edit on GitHub →
Web2
MongoDB
NoSQL Operator Injection

MongoDB NoSQL Operator Injection

Iterating CollectionsCracking SessionsMitigation

All security/hacking related information on this website is for educational purposes. In no event shall the authors or copyright holders be held liable for any effects arising from the usage of the information. Do not use the information against devices or services that are not your own property or without permission of the owner.

© 2025 Ventral Digital LLC