Thanks for http://3xploit.com/?p=90 good article, I am still using Pangolin 2.5.2 Free edition. The 3.2.3 is the latest version. :)
Pangolin 3.2.3 free edition released Pangolin is an automatic SQL injection penetration testing (Pen-testing) tool for Website manager or IT Security analyst. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or users specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more. Test many types of databases Your web applications using Access,DB2,Informix,Microsoft SQL Server 2000,Microsoft SQL Server 2005,Microsoft SQL Server 2008,MySQL,Oracle,PostgreSQL,Sqlite3,Sybase? Pangolin supports all of them. Features: Auto-analyzing keyword, HTTPS support, Pre-Login, Bypass firewall setting, Injection Digger, Data dumper, etc. Download from http://down3.nosec.org/pangolin_free_edition_3.2.3.1105.zip
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
