Friday, 29 November 2013

Pangolin - SQL Injection Tool

What is SQL Injection?
SQL injection is a type of security exploit in which the attacker adds Structured Query Language (SQL) code to a Web form input box to gain access to resources or make changes to data. An SQL query is a request for some action to be performed on a database. Typically, on a Web form for user authentication, when a user enters their name and password into the text boxes provided for them, those values are inserted into a SELECT query. If the values entered are found as expected, the user is allowed access; if they aren't found, access is denied. However, most Web forms have no mechanisms in place to block input other than names and passwords. Unless such precautions are taken, an attacker can use the input boxes to send their own request to the database, which could allow them to download the entire database or interact with it in other illicit ways.
SQL injection is one of the popular web application hacking method.  Using the SQL Injection attack, an unauthorized person can access the database of the website. Attacker can extract the data from the database.

In this article, I have presented a SQL Injection tool named Pangolin;

  • Support Microsoft SQL Server 2008;2010.
  • Improved SQL Injection for MySQL. Support detecting function Unhex().
  • New option added Scan->Extend scan mode. Optimize ability to Inject.
  • Improved Cookie detection. Multiple URL redirection will be Inject correctly.

Note: Do Not Use Any Tutorial Of This Blog To Harm Anyone. This Is Only For Educational Purpose. I Will Not Be Responsible For Anything Done By You.

Size: 9.5 MB

Do you my like Articles..?

Get Free Email Updates Daily!

Follow us!



  1. i am not able to download.The page shows blank.I heard the news that it has been banned in india ,is it so?


Please Comment Here To Inform Us Your Review About It. Thank You