This is the playbook you need if you're testing anything with MongoDB, CouchDB, or Redis on the backend. It's not SQL injection with a fresh coat of paint. The entire attack surface is different: you're injecting query operators like $ne and $gt instead of breaking out of quotes, using $regex for blind character extraction instead of UNION, and exploiting JSON parsing quirks in Express or PHP to turn password fields into objects. Covers authentication bypass, blind data exfiltration via regex oracle, $where JavaScript injection, and even CouchDB's often-exposed admin API on port 5984. Includes a Python template for automating character-by-character password extraction. Most pentesters who only know SQL patterns completely miss these.
npx skills add https://github.com/yaklang/hack-skills --skill nosql-injection