SQLMap is the most popular SQL Injection vulnerability scanner out there and is fully open-source! SQLMap is available on GitHub
GitHub – sqlmapproject/sqlmap: Automatic SQL injection and database takeover tool
Ghauri is an advanced tool that helps you automate the detection and exploitation of SQL Injection vulnerabilities! Ghauri is also open-source and available on GitHub!
GitHub – r0oth3x49/ghauri: An advanced cross-platform tool that automates the process of detecting…
SQLiv is capable of google dorking a specific target, crawling it and scanning multiple URLs for SQL Injections! Although the repo is archived, the tool is still available on Github
GitHub – the-robot/sqliv: massive SQL injection vulnerability scanner
Blisqy is designed to find time-based blind SQL injection vulnerabilities in HTTP headers Currently, it is only capable of exploiting MySQL and MariaDB backend servers Blisqy is available on GitHub as well:
GitHub – JohnTroony/Blisqy: Version 0.2 – Exploit Time-based blind-SQL injection in HTTP-Headers…
Also, don’t forget to check by hand as these tools can give false negatives 😉