HAHWUL

Client-Side Template Injection

Github-Action Injection

MAY 21, 2022

LaTex Injection

APRIL 09, 2022

Type Juggling

MAY 01, 2022

Loose Comparison Bug

CSWSH Attack

AUGUST 23, 2021

Cross-Site WebSocket Hijacking

JSONP Hijacking

SEPTEMBER 05, 2021

Dependency Confusion

NOVEMBER 22, 2021

Brute Force

APRIL 10, 2022

CRLF Injection

SEPTEMBER 07, 2021

SSTI Attack

NOVEMBER 22, 2021

Server-Side Template Injection

GraphQL Injection

AUGUST 09, 2022

RFD Attack

NOVEMBER 01, 2021

Remote File Download

IDOR Attack

APRIL 30, 2022

Insecure Direct Object Reference

SSRF

AUGUST 12, 2021

Server-Side Request Forgery

HTTP Request Smuggling

JANUARY 12, 2021

HRS Attack

XS-Leaks

MAY 07, 2022

Log Injection

APRIL 07, 2022

XSS

AUGUST 12, 2021

Cross-Site Scripting

Command Injection

SEPTEMBER 10, 2021

XST

OCTOBER 08, 2021

Cross-Site Tracing

EL Injection

JUNE 19, 2022

Expression Language Injection

Reverse Tabnabbing

AUGUST 12, 2021

Insecure File Upload

JULY 03, 2022

Websocket Connection Smuggling

AUGUST 12, 2021

WCS Attack

Relative Path Overwrite

FEBRUARY 27, 2022

RPO Attack

Prototype Pollution

APRIL 18, 2022

Click Jacking

OCTOBER 26, 2021

File Inclusion

JUNE 25, 2022

LFI & RFI

LDAP Injection

OCTOBER 24, 2021

ESI Injection

DECEMBER 19, 2021

Edge Side Include Injection

XSHM Attack

APRIL 09, 2022

Cross Site History Manipulation

XXE

JANUARY 27, 2022

XML External Entity

CSV Injection

SEPTEMBER 07, 2021

Zip Bomb

FEBRUARY 04, 2023

Open Redirect

SEPTEMBER 10, 2021

H2C Smuggling

AUGUST 12, 2021

NoSQL Injection

JUNE 17, 2022

Path Traversal (Directory traversal)

SEPTEMBER 09, 2021

SQL Injection

OCTOBER 16, 2021

HTTP Parameter Pollution

SEPTEMBER 20, 2021

HPP Attack

ReDOS Attack

MARCH 30, 2022

Regex DOS

Cookie Bomb Attack

OCTOBER 16, 2021

Client-Side Desync Attack

DECEMBER 23, 2022

CSD Attack

DOM Clobbering

OCTOBER 08, 2021

Email Injection

MAY 22, 2022

SMTP Injection & Mail Injection

SNI Injection

MARCH 09, 2023

Web Cache Deception

NOVEMBER 21, 2021

Regex Injection

MARCH 30, 2022

Subdomain Takeover

SEPTEMBER 21, 2022

SAML Injection

MAY 01, 2022

Server-Side Javascript Injection

FEBRUARY 27, 2022

SSJI Attack

CSRF

AUGUST 12, 2021

Cross-Site Request Forgery

JSON Hijacking

SEPTEMBER 05, 2021

Insecure Deserialization

FEBRUARY 20, 2022

OGNL Injection

More Articles

Zip Slip

ORM Injection

Web Cache Poisoning

CSS Injection

CSTI Attack

Github-Action Injection

LaTex Injection

Type Juggling

CSWSH Attack

JSONP Hijacking

Dependency Confusion

Brute Force

CRLF Injection

SSTI Attack

GraphQL Injection

RFD Attack

IDOR Attack

SSRF

HTTP Request Smuggling

XS-Leaks

Log Injection

XSS

Command Injection

XST

EL Injection

Reverse Tabnabbing

Insecure File Upload

Websocket Connection Smuggling

Relative Path Overwrite

Prototype Pollution

Click Jacking

File Inclusion

LDAP Injection

ESI Injection

XSHM Attack

XXE

CSV Injection

Zip Bomb

Open Redirect

H2C Smuggling

NoSQL Injection

Path Traversal (Directory traversal)

SQL Injection

HTTP Parameter Pollution

ReDOS Attack

Cookie Bomb Attack

Client-Side Desync Attack

DOM Clobbering

Email Injection

SNI Injection

Web Cache Deception

Regex Injection

Subdomain Takeover

SAML Injection

Server-Side Javascript Injection

CSRF

JSON Hijacking

Insecure Deserialization