Pangolin Datasheet

2
Pangolin —SQL Injection Pen-test Tool Get your website healthy status by check it reaction Pangolin--SQL Injection penetration test (Pen-test) tool for Website administrator and IT Security analyst. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. No technical skills required. Pangolin can finish Pen-test website after click button “start”. It is capable to perform an extensive database management system back-end fingerprint, retrieve remote DBMS databases, usernames, tables, columns, and enumerate entire DBMS, read system files and much more taking advantage of web application programming security flaws that lead to SQL injection vulnerabilities. Detects and take advantage of SQL injection vulnerabilities in web applications. and then Perform an extensive back-end DBMS fingerprint Enumerate users, password, privileges, databases, tables, columns. Dump entire or specified data inside database. One click test Deeply analysis System Information Retreater Database Information File Writer Database Path Command Line Root Path Registry edit Drivers Data Dumper Data MD5 Cracker File Reader File browser Function List á Use Command line to execute command on Web Server through SQL Injection Vulnerability. á Use File Writer write file on Web Server file system. á Password Crack Parts of Features l Auto analyze keyword Auto analyze keyword, detect Database, detect inject type l Injection Dig ger Get more inject target URL l Bypass Firewall Support Bypass firewall l HTTPS support l Specify any HTTP headers(User-agent, Cookie, Referrer and so on) l Many types of Inject Method: Support GET, POST, COOKIES, RAW l Data dumper Fast dump data from database injected. l Injection-points management Manage Injection database easily. l Pre-Login: Support inject target URL with login. l Detailed check options l Support URL with basic authenticatio n And more features. www.nosec-inc.com

description

Pangolin is an automatic SQL injection penetration testing (Pen-testing) tool for Website manager or IT Security analyst. Support Access,DB2,Informix,Microsoft SQL Server 2000,Microsoft SQL Server 2005,Microsoft SQL Server 2008,MySQL,Oracle,PostgreSQL,Sqlite3,Sybase.

Transcript of Pangolin Datasheet

Page 1: Pangolin Datasheet

Pangolin—SQL Injection Pen-test Tool

Get your website healthy status by check it reaction

Pangolin--SQL Injection penetration test

(Pen-test) tool for Website administrator and

IT Security analyst. Its goal is to detect and

t a k e a d v a n t a g e o f S Q L i n j e c t i o n

vulnerabilities on web applications.

No technical skills required. Pangolin can

finish Pen-test website after click button

“start”.

It is capable to perform an extensive database

management system back-end fingerprint,

retrieve remote DBMS databases, usernames,

tables, columns, and enumerate entire DBMS,

read system files and much more taking

advantage of web application programming

security flaws that lead to SQL injection

vulnerabilities.

Detects and take advantage of SQL injection

vulnerabilities in web applications. and then

Pe r f o r m a n e x t e n s i v e b a c k- e n d D B M S

fingerprint

Enumerate users, password, pr iv i leges,

databases, tables, columns.

Dump entire or specified data inside database.

One click test

Deeply analysis

�System Information �Retreater

�Database Information �File Writer

�Database Path �Command Line

�Root Path �Registry edit

�Drivers �Data Dumper

�Data �MD5 Cracker

�File Reader �File browser

Function List

áUse Command line to execute command on Web Server through SQL Injection Vulnerability.

áUse File Writer write file on Web Server file system.

áPassword Crack

Parts of Features

l Auto analyze keyword

Auto analyze keyword, detect Database, detect

inject type

l Injection Digger

Get more inject target URL

l Bypass Firewall

Support Bypass firewall

l HTTPS support

l Specify any HTTP headers(User-agent, Cookie,

Referrer and so on)

l Many types of Inject Method:

Support GET, POST, COOKIES, RAW

l Data dumper

Fast dump data from database injected.

l Injection-points management

Manage Injection database easily.

l Pre-Login:

Support inject target URL with login.

l Detailed check options

l Support URL with basic authentication

And more features.

www.nosec-inc.com

Page 2: Pangolin Datasheet

�Windows 2000

�Windows XP

�Windows Vista 32 bit

�Windows Vista 64 bit

�Windows 7 32bit

�Windows 7 64bit

Platform supported

Hardware Environment

Intel 800MHZ or AMD K7, Memory 128M

D i s c l a i m e r : T h e c u s t o m e r i s responsible for ensuring compliance with legal requirements. It is the customer's sole responsibility to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer's business and any actions the reader may have to take to comply with such laws. NOSEC does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law or regulation.

Copyright © 2009 NOSEC Technologies Co., LtdRoom 609, ShaHeShiJi Holiday Plaza, ShenNan Road,

Shenzhen, Guangdong, China. Produced in ChinaAll Rights Reserved NOSEC, the NOSEC logo, JSky, iiScan are trademarks of NOSEC Technologies Co., Ltd in China, other countries or both. Other company, product and service names may be trademarks or service marks of others.www.nosec-inc.com

www.nosec-inc.com

Pangolin—SQL Injection Pen-test Tool

Get your website healthy status by check it reaction