# Injection Attacks

- [SQL Injection](/offensive-security/web-application/exploitation/injection-attacks/sql-injection.md): How to exploit SQL and noSQL Injection.
- [Cross-Site Scripting](/offensive-security/web-application/exploitation/injection-attacks/cross-site-scripting.md): How to exploit cross-site scripting (XSS).
- [HTTP Headers](/offensive-security/web-application/exploitation/injection-attacks/http-headers.md): How to exploit HTTP Headers.