Pangolin - v1.2.590
Pangolin is a GUI tool running on Windows to perform as more as possible pen-testing through SQL injection. This version now supports following databases and operations:
MSSQL : Server informations, Datas, CMD execute, Regedit, Write file, Download file, Read file, File Browser...
ORACLE : Server informations, Datas, Accounts cracking...
PGSQL : Server informations, Datas, Read file...
DB2 : Server informations, Datas, ...
INFORMIX : Server informations, Datas, ...
SQLITE : Server informations, Datas, ...
Access : Server informations, Datas, ...
SYBASE : Server informations, Datas, etc.
Specify any HTTP headers(User-agent, Cookie, Referer and so on)
Bypass firewall setting
Detailed check optio ns
Injection-points management etc.
What's the differents to the others?
Easy-of-use : What I try to do is making pen-tester more care about result, not the process. All you should do is clicking the buttons. Amazing Speed : so many people told you things about brute sql injection, is it really necessary? Forget char-by-char, we can row-by-row(of cource, not every injection-point can do this)?
The exact check method : do you really think automated tools like AWVS,APPSCAN can find all injection-points?
So, whatever, just check it out, and then enjoy your feeling ;)
More information : http://www.nosec.org/web/index.php?q=pangolin
Download : http://seclab.nosec.org/security/pangolin_bin.rar
Declare: Pangolin is designed for security testing by pen-tester when he has been authorized. DO NOT attack any website viciously or accept the consequences!!!