Pangolin is an automatic SQL injection penetration testing tool. Its goal is to detect and take advantage of SQL injection.
How does Pangolin work?
Vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user’s specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more.
Supported databases:
Oracle
MS SQL Server 2000
MS SQL Server 2005
Sybase
Access
Mysql
DB2
Informix
Pangolin most of us know it works like a charm specially if you have the commercial version. Free version has limited features but more than enough to test your database for known vulnerabilites.
Operating Systems supported:
Windows Xp SP2 and above (not tested with 64 bit and seven)
Download Pangolin here
Searches leading to this post:
SQL Injection Pen-testing Tool, pangolin tutorial, pangolin sql, SQL Injection Pentesting TooL, pangolin sql injection, tutorial pangolin
Comments on this entry are closed.