52ky 发表于 2022-9-19 10:13:42

pangolin 穿山甲 工具及使用教程

Pangolin是一款帮助渗/透测试人员进行Sql注入测试的安全工具。所谓的SQL注入测试就是通过利用目标网站的某个页面短少对用户传递参数控制或许控制的不够好的状况下出现的漏洞,然后到达获取、修复、删去数据,乃至控制数据库服务器、Web服务器的目的的测试方法。Pangolin可以通过一系列十分简单的操作,到达最大化的攻击测试作用。它从检测注入开始到最后控制目标系统都给出了测试过程。过去有很多Sql注入工具,不过部分功能不完全,支持的数据库不够多,或许是速度比较慢。可是,在Pangolin发布今后,这些问题都得到了管理。Pangolin可能是目前已有的注入工具中最好的之一。

(Pangolin is a security tool that helps penetration/penetration testers to perform Sql injection testing. The so-called SQL injection test is to use the loopholes that appear when a certain page of the target website is short of controlling the parameters passed by the user or the control is not good enough, and then obtains, repairs, deletes data, and even controls the database server and Web server. Purpose test method. Pangolin can achieve maximum attack testing effect through a series of very simple operations. It gives the testing process from the detection of injection to the final control of the target system. In the past, there were many Sql injection tools, but some of the functions were not complete, the supported databases were not enough, or the speed was relatively slow. However, since the release of Pangolin, these issues have been managed. Pangolin is probably one of the best injection tools out there.)




页: [1]
查看完整版本: pangolin 穿山甲 工具及使用教程