Top 5 SQL Injection Tools


SQL injection is a widely known and widely used method of penetrating websites. Since the rise of CMSs like WordPress and Joomla, mass hacking attacks have become more frequent, as a single vulnerability in the scripting puts millions of blogs and websites at risk. The aims of these attacks are gathering data of interest, defacing websites and sometimes trolling (kid hackers!).
Here is a list of the top 5 SQL injection tools that might come in handy when you are checking your own website for vulnerabilities.

1. Havij SQL Injection Tool:

By far THE best SQL injection tool that I have come across. It is fast, robust and designed to analyze the database deeply in order to find the vulnerability. Also, it is very newbie friendly since it has a GUI and works on Windows.

2. SQL Ninja:

My second favorite when it comes to SQL injection. I personally like this tool because it also works with MS SQL. This tool is good because it focuses more on getting an interactive shell on the remote database server instead of extracting the data.

3. Safe3SI:

Another tool with a GUI (works on Windows), and a powerful, user-friendly pen test tool. It automates all the processes, right from fingerprinting through to extraction of info from the database. This would be the second choice for Windows users after Havij.


4. BlindSQL Hacker:

Blind SQL Hacker, aka BSQL Hacker, automates vulnerability identification and exploitation for all environments, e.g. MySQL and MSSQL.

5. SQLMAP:

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches ranging from database fingerprinting, through fetching data from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

I believe manual SQL injection can outrun any of these tools; however, it is a pain in the ass and consumes a lot of time. Working with any of these tools along with manual penetration can produce some great results. I have used all of the mentioned tools and they seemed to work pretty fine.

