Along with current technological developments, security for data information residing on websites is very vulnerable to crimes in the internet world such as attacks on security holes in the database layer or often known as SQL Injection. SQL Injection attack is a method to insert SQL commands as input through an application, namely Kali Linux, in order to gain access to the database. This attack can find out usernames, passwords, and other data that is in the database. So that the SQL Injection attack is one of the most popular attacks and is often used to take advantage of security holes in the system because of how easy it is to use it. This study aims to test the level of effectiveness of SQL Injection attacks using the tools in it against a website. Testing the effectiveness is done by doing a comparison between the three tools that are in SQL Injection. The results of the research on the effectiveness of the tools in SQL Injection are the accuracy of database search times and the accuracy of information from the database.