Q: What tools are used for testing for MySQL and other database injection vulnerabilities?
The following are often used to automate testing for SQL injections by network and security admins:
sqlmap – automatic SQL injection and database takeover tool
Havij – automated SQL injection tool
metasploit – security framework
(Metasploit as you may be aware is an entire framework used for various security testing!)
Pangolin – automated SQL injection test tool
The BackTrack Linux distro is a good disc to have in your security pocket as well:
Be smart! Only test your own server or servers that you have permission to do penetration testing.