An application designed to assist in exploiting SQL injection attacks against applications based upon Microsoft SQL Server. Written in Perl. Fingerprints server, can bruteforce the password on the "sa" account, escalate privileges, create custom stored procedures to wreak havoc.
A utility capable of fingerprinting back-end SQL databases, pulling authentication credentials and schemas, enumerating databases, and generating SQL injection attacks against web applications. Can handle MySQL, Oracle, Postgres, SQL Server, DB2, and other systems.
A handy cheatsheet for crafting SQL injection attacks against web apps backed by Oracle.
A website that teaches how you to code in such a way as to prevent SQL injection vulnerabilities in your code. Covers many languages, from ASP to Scheme.