Pangolin - The one of the best SQL Injection Tool

[netofcat]

Pangolin - The one of the best SQL Injection Tool

--------------------------------------------------------------------------------

Pangolin is an automatic SQL injection penetration testing tool developed by NOSEC. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more. More information please visit here.
Access
DB2
Informix
MSSQL 2000 with Error
MSSQL 2000 Blind
MSSQL 2005 with Error
MSSQL 2005 Blind
Mysql
Oracle
PostgreSQL
Sqlite3
Sybase
Configuration Save
Bypass firewall advance mode
Report Export

Netword & Media resources:
PANGOLIN: Automatización de inyección SQL（Spanish） http://www.hacktimes.com/?q=node/57
Scanning an Oracle-based website with Pangolin (Flash)
http://www.red-database-security.com/vi ... ideos.html
Web Application Testing with Pangolin (Video & Screenshot)
http://blog.red-database-security.com/2 ... hot/print/
http://down2.nosec.org/pangolin_free_ed ... .0.937.rar

[DanielG]

lol spam fail.

In the screenshot you can see the titlebar say "maded by", wow if you can't even spell i'm not gonna trust your program.