To apply SQl Injection there is a very popular tool named as BSQL Hacker. You can download it from here.
=========================================================================================================================
bsql hacker tool
SQL (Structured Query Language) is the language used for interaction with databases. SQL injection is a web application attack that injects malicious syntax in SQL Queries.
BSQL (Blind SQL) Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities virtually in any database.
BSQL Hacker aims for experienced users as well as beginners who want to automate SQL Injections (especially Blind SQL Injections).It allows metasploit alike exploit repository to share and update exploits.
Blind SQL Hacker Key Features
Easy Mode SQL Injection Wizard Automated Attack Support (database dump) ORACLE MSSQL MySQL (experimental) General Fast and Multithreaded 4 Different SQL Injection Support Blind SQL Injection Time Based Blind SQL Injection Deep Blind (based on advanced time delays) SQL Injection Error Based SQL Injection Can automate most of the new SQL Injection methods those relies on Blind SQL Injection RegEx Signature support Console and GUI Support Load / Save Support Token / Nonce / ViewState etc. Support Session Sharing Support Advanced Configuration Support Automated Attack mode, Automatically extract all database schema and data mode Update / Exploit Repository Features Metasploit alike but exploit repository support Allows to save and share SQL Injection exploits Supports auto-update Custom GUI support for exploits (cookie input, URL input etc.) GUI Features Load and Save Template and Attack File Support (Users can save sessions and share them. Some sections like username, password or cookie in the templates can be show to the user in a GUI) Visually view true and false responses as well as full HTML response, including time and stats Connection Related Proxy Support (Authenticated Proxy Support) NTLM, Basic Auth Support, use default credentials of current user/application SSL (also invalid certificates) Support Custom Header Support Injection Points (only one of them or combination) Query String Post HTTP Headers Cookies Other Post Injection data can be stored in a separated file XML Output (not stable) CSRF protection support