"SQL Injection is perhaps the most common web-application hacking technique which attempts to pass SQL commands through a web application for execution by the back-end database. The vulnerability is presented when user input is incorrectly sanitized and thereby executed.

Checking for SQL Injection vulnerabilities involves auditing your web applications and the best way to do it is by using automated SQL Injection Scanners. We�ve compiled a list of free SQL Injection Scanners we believe will be of a value to both web application developers and professional security auditors."

Article Link: http://www.security-hacks.com/2007/05/18/top-15-free-sql-injection-scanners