In regular practise many users are used to web application which consist of web server, web forms and database. The backend web application are exposed to vulnerable and unauthorised attacks as the web users are increasing day by day. Web application can have responsive and secret data which are stored in database. Users give data to web application which in turn retrieve data from the database through SQL through SQL query. During this process injection attack takes place which is most powerful and popular attack for system hacking. By using SQL attack, attackers can get your information, access the system and can manage your overall application. In this paper we exemplify SQLIA method and finding and anticipation tools.