Email Injection

SMTP Injection & Mail Injection

GraphQL Injection

Click Jacking

JSONP Hijacking

Relative Path Overwrite

RPO Attack

SSRF

Server-Side Request Forgery

Path Traversal (Directory traversal)

Reverse Tabnabbing

Web Cache Deception

Insecure File Upload

Command Injection

SSTI Attack

Server-Side Template Injection

CSTI Attack

Client-Side Template Injection

LaTex Injection

Type Juggling

Loose Comparison Bug

SAML Injection

XXE

XML External Entity

IDOR Attack

Insecure Direct Object Reference

ESI Injection

Edge Side Include Injection

Websocket Connection Smuggling

WCS Attack

ReDOS Attack

Regex DOS

XS-Leaks

NoSQL Injection

CSRF

Cross-Site Request Forgery

Web Cache Poisoning

HTTP Parameter Pollution

HPP Attack

Insecure Deserialization

Prototype Pollution

Subdomain Takeover

Cookie Bomb Attack

Log Injection

File Inclusion

LFI & RFI

CSV Injection

SNI Injection

CSWSH Attack

Cross-Site WebSocket Hijacking

Zip Slip

LDAP Injection

XST

Cross-Site Tracing

Server-Side Javascript Injection

SSJI Attack

RFD Attack

Remote File Download

OGNL Injection

Object-Graph Navigation Language Injection

Open Redirect

Regex Injection

Client-Side Desync Attack

CSD Attack

HTTP Request Smuggling

HRS Attack

XSHM Attack

Cross Site History Manipulation

Dependency Confusion

CRLF Injection

ORM Injection

Github-Action Injection

SQL Injection

H2C Smuggling

Zip Bomb

XSS

Cross-Site Scripting

Brute Force

CSS Injection

DOM Clobbering

JSON Hijacking

EL Injection

Expression Language Injection