NoSQL Injections: Moving Beyond 'or '1'='1'

Gone are the days of SELECT *… Hadoop, Mongo, Elasticsearch. NoSQL databases are all the rage these days, as companies migrate some, if not all, of their data to these new storage types. As infosec practitioners encounter these bad boys, we need to know what to do with them. This talk will combine viewpoints of NoSQL injections and the footprints left behind. Using MongoDB as an example, attendees will be shown basic Mongo operations and, through log analysis, determine which operations are logged and which are not. We’ll then build up our NoSQL injection skills, making Mongo and Elasticsearch sing. Attendees should be prepared to learn some neat NoSQL tricks, and proceed comfortably knowing what’s logged and what’s not.

Presented by