FG-Injector is a free open source framework designed to help find SQL injection vulnerabilities in web applications. It includes a proxy feature for intercepting and modifying HTTP requests, and an interface for automating SQL injection exploitation.

It’s a common thought among web developers that by disabling error messages in their code, SQL injection vulnerabilities stop being relevant. When a SQL injection vulnerability doesn’t return errors messages it is known as a Blind Injection. With careful planning, attackers can obtain the same data through the Blind SQL Injection that they would obtain from a regular - non-blind- SQL injection.