SQL injection is the most dangerous and common web application attack, there are so many tools are available to exploit the
SQL-injection vulnerability like Havij and SQLmap but to find a vulnerability is an important step to exploit the web application. This is a wonderful tool that can find the SQL-injection vulnerability on a web application.
SQLSentinel is an opensource tool that automates the process of finding the sql injection on a website. SQLSentinel includes a spider web and sql errors finder. You give in input a site and SQLSentinel crawls and try to exploit parameters validation error for you. When job is finished, it can generate a pdf report which contains the url vuln found and the url crawled.
Remember that SQLSentinel is not an exploiting tool. It can only finds url Vulnerabilities
HOW TO USE SQLSentinel
Download the tool here. http://sourceforge.net/projects/sqlsentinel/files/
Extract it on your directory of choice
Simply open the terminal and then locate the directory where you have extracted the tool before.
It is a Java dependent so use the command as:
java -jar sqlsentinel.jar