Pangolin Professional v3.2.5 + Tutorial Guide

Lama dah tak buat entri. Projek baru pon dah mula, jadi makin kurang la masa janjang untuk cari bahan dan buat entri kat sini. Sori yer Mr. Hac. tapi Janjang akan cuba luangkan masa untuk kongsi dengan semua bila berkesempatan.

Sebenarnya Janjang tak pasti samada Mr Hac ade tak buat review yang lepas-lepas pasal tool ni. kalau takde, ni ade tools untuk Script-Kiddies. Yang best nyer banyak jenis database yang tool ni boleh injek, bukan setakat SQL jer.
Terus terang Janjang cakap yang Janjang sendiri tak cuba lagi tool ni. ape kate korang cuba dan bagi review sket, ok tak ?
Malas nak translate, kalau korang tak paham tengok google atau kamus yer. Lagipon Guide dia dalam English gak.



Pangolin is an automatic SQL injection penetration testing (Pen-testing) tool for Website manager or IT Security analyst. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or users specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more.



Test many types of databases


Your web applications using Access,DB2,Informix,Microsoft SQL Server 2000,Microsoft SQL Server 2005,Microsoft SQL Server 2008,MySQL,Oracle,PostgreSQL,Sqlite3,Sybase.

Pangolin supports all of them.

Features: Auto-analyzing keyword, HTTPS support, Pre-Login, Bypass firewall setting, Injection Digger, Data dumper, etc.



Powered by Blogger.