Pangolin Professional v3.2.5 + Tutorial Guide

Lama dah tak buat entri. Projek baru pon dah mula, jadi makin kurang la masa janjang untuk cari bahan dan buat entri kat sini. Sori yer Mr. Hac. tapi Janjang akan cuba luangkan masa untuk kongsi dengan semua bila berkesempatan.

Sebenarnya Janjang tak pasti samada Mr Hac ade tak buat review yang lepas-lepas pasal tool ni. kalau takde, ni ade tools untuk Script-Kiddies. Yang best nyer banyak jenis database yang tool ni boleh injek, bukan setakat SQL jer.

Terus terang Janjang cakap yang Janjang sendiri tak cuba lagi tool ni. ape kate korang cuba dan bagi review sket, ok tak ?

Malas nak translate, kalau korang tak paham tengok google atau kamus yer. Lagipon Guide dia dalam English gak.

Pangolin is an automatic SQL
injection penetration testing (Pen-testing) tool for Website manager or IT
Security analyst. Its goal is to detect and take advantage of SQL injection
vulnerabilities on web applications. Once it detects one or more SQL
injections on the target host, the user can choose among a variety of
options to perform an extensive back-end database management system
fingerprint, retrieve DBMS session user and database, enumerate users, password
hashes, privileges, databases, dump entire or users specific DBMS
tables/columns, run his own SQL statement, read specific files on the file
system and more.

Test many types of databases


Your web applications using Access,DB2,Informix,Microsoft SQL Server
2000,Microsoft SQL Server 2005,Microsoft SQL Server
2008,MySQL,Oracle,PostgreSQL,Sqlite3,Sybase.

Pangolin supports all of them.

Features: Auto-analyzing keyword, HTTPS support, Pre-Login, Bypass
firewall setting, Injection Digger, Data dumper, etc.

Download Pangolin 3.2.5

Download Guide