Pangolin is an automatic SQL injection penetration testing tool developed by NOSEC. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications.
Once it has detected one or more SQL injections on the target host, it is possible to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specific DBMS.
Pangolin is compatible with Windows systems only (2K/XP/2K3).
- Download Pangolin at this location: http://down2.nosec.org/pangolin_free_edition_184.108.40.2065.rar
- Unrar the archive and follow the steps of the installation