# OWASP

- [SQLI](/my-notes/bug-bounty-playbook-v2/basic-hacking/owasp/sqli.md)
- [XSS](/my-notes/bug-bounty-playbook-v2/basic-hacking/owasp/xss.md): Stealing user cookies for account takeover is much better than popping an alert box.
- [File Upload](/my-notes/bug-bounty-playbook-v2/basic-hacking/owasp/file-upload.md)
- [Directory Traversal](/my-notes/bug-bounty-playbook-v2/basic-hacking/owasp/directory-traversal.md)
- [Open Redirect](/my-notes/bug-bounty-playbook-v2/basic-hacking/owasp/open-redirect.md)
- [IDOR](/my-notes/bug-bounty-playbook-v2/basic-hacking/owasp/idor.md): Insecure Direct Object Reference