I am not sure of which tools would do this automatically. I am curious as well.
However, you should be able to do this manually. Suppose you have a cookie with a set of values, like
The application in theory would check the these fields. If you enter an injection vector through JS-injection or just tampering with request, you should be able to reach the database. The application would have to read the cookie though.