Open Source SQL/Code Injection Scanning Application?

I have a site that I see is getting a ton of SQL injections and Code injections per day. I use CrawlTrack to view/record/bloc开发者_StackOverflow中文版k the IPs, but now I want to do a comprehensive scan of my domain to see if I am overlooking any vulnerabilities I need to be fixing AsAP.

Does anyone know of any stand alone Mac application or browser based scanning software that would help find potential issues on a domain?

Acunetix has a free edition. Check if it is useful. Here is a OWASP XSS prevention reference. It has reusable components, cheat sheets etc.

Does your database support stored procedures? This would help prevent the SQL injection issues.