Today, I am sharing my resource to find SQLi vulnerability. SQLi is the technique to take over the database of the website. SQLi is the most dangerous attack as per the OWASP top 10 vulnerabilities and SANS top 25 vulnerabilities. I am sharing the online and offline tools through this blog.

Top 10 SQL Injection attacks tools

1. SQL Injection Testing with Sqlmap


Detecting SQL Injection flaws online by support MySQL, Oracle, PostgreSQL, Microsoft SQL, IBM DB2, Firebird, Sybase, etc. database.

3. Acunetix

4. SQL Injection Test Online

Another online tool by Hacker Target based on SQLMap to find bind & error based vulnerability against HTTP GET request.

5. Scan My Server

Scan My Server by Beyond Security is a FREE scanner to test your website for malware, cross-site scripting, SQL injection and other vulnerabilities.

6. Vega

Vega is an open-source security scanner software which can be installed on Linux, OS X, and Windows.

7. SQLMap

SQLMap is one of the popular open source testing tools to perform SQL injection against relational database management system.

8. SQL Inject Me

SQL Inject Me is a Firefox add-ons send database escape strings through HTML form fields and look for the error message in the output page.

9. Netsparker

Netsparker is one of the popular web security scanners comes in desktop or cloud version. It detects a large number of security flaws including OWASP top 10.

10. Appspider

Appspider by Rapid7 is a dynamic application security testing solution to crawl and test a web application for more than 80 types of attack. (Paid tool)


  1. You really make it appear so easy along with your presentation but I find this
    matter to be really one thing that I feel I’d by no means understand.

    It sort of feels too complicated and extremely wide for me.

    I am taking a look forward in your subsequent
    put up, I’ll try to get the hang of it!


Please enter your comment!
Please enter your name here