Joe Stagner blogged about some tools available to deal with SQL injection attacks. I have used both HP Scrawlr and Microsoft ® Source Code Analyzer for SQL Injection and I have to say they both are easy to use tools that do the job right.
Here is the post: http://www.misfitgeek.com/Tools+To+Block+And+Eradicate+SQL+Injection.aspx
The Microsoft Source Code Analyzer for SQL Injection tool: http://support.microsoft.com/kb/954476
HP Scrawlr: http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2008/06/24/finding-sql-injection-with-scrawlr.aspx