I have been testing with automated sql injection tools, such as pangolin, and just want to know what I could use to intercept the commands, to learn more about how it works and what kind of injections they use. Somebody mentioned WebScarab, but it doesnt seem to be intercepting anything with pangolin. any others i could use?