In this modern era, the rapid development of science and technology is certainly very beneficial for human life. However, this development can also bring threats, such as cyber attacks. One type of cyber attack that is often used is SQL injection, which targets database security. Three tools that can be used in testing SQL injection are SQL sus, SQL ninja, and The mole. Testing these three tools uses two operating systems, that is Kali Linux and Windows. The test results are measured based on several parameters, namely, the speed of the tool in responding to commands, the number of stages in its application, the features contained therein, and its efficiency. Based on the test results, it is known that only the sus SQL tool successfully injected a website, while the other two tools failed.