SQLMap is the most popular SQL Injection vulnerability scanner out there and is fully open-source! SQLMap is available on GitHub
Ghauri is an advanced tool that helps you automate the detection and exploitation of SQL Injection vulnerabilities! Ghauri is also open-source and available on GitHub!
SQLiv is capable of google dorking a specific target, crawling it and scanning multiple URLs for SQL Injections! Although the repo is archived, the tool is still available on Github
Blisqy is designed to find time-based blind SQL injection vulnerabilities in HTTP headers Currently, it is only capable of exploiting MySQL and MariaDB backend servers Blisqy is available on GitHub as well:
Also, don’t forget to check by hand as these tools can give false negatives 😉