All SQL injection attacks can be carried out manually. However, you can use Python programming to automate the attack. If you are a good pentester and know how to perform attacks manually, then you can make your own program check this.
Here, Google fails to provide the login page for a particular website. Our first step is to find the admin console page. I remembered that, years ago, I used the URL
http://192.168.0.4/login.html. Now, web developers have become smart, and they use different names to hide the login page.
Consider that I have more than 300 links to try. If I try it manually, it would take around 1 to 2 days to obtain the web page.
Let's take a look at a small program,
login1.py, to find the login page...