Common Operators for Injections

Injection Type	Operators
SQL Injection	' , ; -- /* */
Command Injection	; &&
LDAP Injection	* ( ) & |
XPath Injection	' or and not substring concat count
OS Command Injection	; & |
Code Injection	' ; -- /* */ $() ${} #{} %{} ^
Directory Traversal/File Path Traversal	../ ..\\ %00
Object Injection	; & |
XQuery Injection	' ; -- /* */
Shellcode Injection	\x \u %u %n
Header Injection	\r %0d %0a %09