Old but still valid examples of why string escaping might not protect you against SQLi.
Sqlninja is a tool for exploiting SQL injection vulnerabilities in web applications that use Microsoft SQL Server as their back end.
GreenSQL is an open-source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy and has built-in support for MySQL and PostgreSQL. Its logic is based on evaluating SQL commands with a risk-scoring matrix, as well as blocking known database administrative commands (DROP, CREATE, etc.). A commercial version of GreenSQL supporting Microsoft SQL Server is available.
Samples are provided to give the reader a basic idea of a potential attack, and almost every section includes brief information about itself.