- sqlmap - https://github.com/sqlmapproject/sqlmap: A popular open-source penetration testing tool that automates the process of detecting and exploiting SQL injection vulnerabilities in web applications.
- dvwa - https://github.com/ethicalhack3r/dvwa: Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is deliberately designed to be vulnerable to various types of attacks, including SQL injection. It can be used for training and testing purposes.
- bWAPP - https://github.com/ethicalhack3r/bWAPP: bWAPP (buggy web application) is another vulnerable web application that can be used for learning and practicing web application security testing, including SQL injection.
- SQLi-labs - https://github.com/Audi-1/sqli-labs: SQLi-labs is a set of vulnerable web applications that are designed to be used for learning and practicing SQL injection attacks.
- Mutillidae - https://github.com/webpwnized/mutillidae: Mutillidae is a web application that contains a range of vulnerabilities, including SQL injection, and can be used for training and testing purposes.