# Web Exploitation

- [SQLi](/ctf-guide/web-exploitation/intro-to-sqli.md)
- [Authentication By-Pass](/ctf-guide/web-exploitation/intro-to-sqli/authentication-by-pass.md)
- [Union Based Attacks](/ctf-guide/web-exploitation/intro-to-sqli/union-based-attacks.md)
- [Blind Injections](/ctf-guide/web-exploitation/intro-to-sqli/blind-injections.md)
- [Time-Based Blind Injections](/ctf-guide/web-exploitation/intro-to-sqli/time-based-blind-injections.md)
- [Error Based Injections](/ctf-guide/web-exploitation/intro-to-sqli/error-based-injections.md)
- [Second Order Injections](/ctf-guide/web-exploitation/intro-to-sqli/second-order-injections.md)
- [File Upload Vulnerabilities](/ctf-guide/web-exploitation/file-upload-vulnerabilities.md)
- [Content type restrictions](/ctf-guide/web-exploitation/file-upload-vulnerabilities/content-type-restrictions.md)
- [insufficient blacklisting](/ctf-guide/web-exploitation/file-upload-vulnerabilities/insufficient-blacklisting.md)
- [Obfuscating File Extensions](/ctf-guide/web-exploitation/file-upload-vulnerabilities/obfuscating-file-extensions.md)
- [Unrestricted file uploads](/ctf-guide/web-exploitation/file-upload-vulnerabilities/unrestricted-file-uploads.md)