Cookie Bomb Attack

Dependency Confusion

Insecure Deserialization

GraphQL Injection

XSHM Attack

Cross Site History Manipulation

CSV Injection

H2C Smuggling

Click Jacking

CRLF Injection

OGNL Injection

Object-Graph Navigation Language Injection

CSRF

Cross-Site Request Forgery

CSTI Attack

Client-Side Template Injection

Relative Path Overwrite

RPO Attack

JSON Hijacking

Path Traversal (Directory traversal)

HTTP Request Smuggling

HRS Attack

Web Cache Deception

LaTex Injection

Client-Side Desync Attack

CSD Attack

RFD Attack

Remote File Download

SSTI Attack

Server-Side Template Injection

XXE

XML External Entity

SQL Injection

XS-Leaks

Open Redirect

File Inclusion

LFI & RFI

CSWSH Attack

Cross-Site WebSocket Hijacking

ORM Injection

Prototype Pollution

Email Injection

SMTP Injection & Mail Injection

ESI Injection

Edge Side Include Injection

Zip Slip

SNI Injection

Type Juggling

Loose Comparison Bug

Regex Injection

Zip Bomb

Command Injection

IDOR Attack

Insecure Direct Object Reference

Server-Side Javascript Injection

SSJI Attack

SSRF

Server-Side Request Forgery

NoSQL Injection

LDAP Injection

Web Cache Poisoning

XST

Cross-Site Tracing

HTTP Parameter Pollution

HPP Attack

Brute Force

ReDOS Attack

Regex DOS

Websocket Connection Smuggling

WCS Attack

CSS Injection

SAML Injection

XSS

Cross-Site Scripting

Insecure File Upload

EL Injection

Expression Language Injection

Log Injection

Github-Action Injection

Reverse Tabnabbing

Subdomain Takeover

JSONP Hijacking

DOM Clobbering