I have decided to write a cheatsheet containing all that i have learnt from 2 years in the web application security field, in this post i will be focusing on SQL
select+count(*),concat((select+table_name+from+information_schema.tables+limit+3,1),0x3a,floor(rand(0)*2)