[WEB SECURITY] Pangolin is updated(220.127.116.114)
zwell.nosec at gmail.com
Sat May 17 11:40:27 EDT 2008
I'm glad to tell you that Pangolin, the wonderful Sql injection tool, has
been updated to version 18.104.22.1684. You can download it from here:
Pangolin is a GUI tool running on Windows to perform as more as possible
pen-testing through SQL injection. This version now supports following
databases and operations:
* MSSQL : Server informations, Datas, CMD execute, Regedit, Write file,
Download file, Read file, File Browser...
* MYSQL : Server informations, Datas, Read file, Write file...
* ORACLE : Server informations, Datas, Accounts cracking...
* PGSQL : Server informations, Datas, Read file...
* DB2 : Server informations, Datas, ...
* INFORMIX : Server informations, Datas, ...
* SQLITE : Server informations, Datas, ...
* ACCESS : Server informations, Datas, ...
* SYBASE : Server informations, Datas, ...
* HTTPS support
* Specify any HTTP headers(User-agent, Cookie, Referer and so on)
* Bypass firewall setting
* Auto-analyzing keyword
* Detailed check options
* Injection-points management
What's the differents to the others?
* Easy-of-use : What I try to do is making pen-tester more care about
result, not the process. All you should do is clicking the buttons.
* Amazing Speed : so many people told you things about brute sql injection,
is it really necessary? Forget char-by-char, we can row-by-row(of cource,
not every injection-point can do this)?
* The exact check mothod : do you really think automated tools like
AWVS,APPSCAN can find all injection-points?
So, whatever, just check it out, and then enjoy your feeling ;)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the websecurity