Zip Bomb

Prototype Pollution

Log Injection

Insecure Deserialization

SSTI Attack

Server-Side Template Injection

DOM Clobbering

ReDOS Attack

Regex DOS

Email Injection

SMTP Injection & Mail Injection

Relative Path Overwrite

RPO Attack

RFD Attack

Remote File Download

SAML Injection

XXE

XML External Entity

CSV Injection

Zip Slip

XS-Leaks

Type Juggling

Loose Comparison Bug

CSWSH Attack

Cross-Site WebSocket Hijacking

XSHM Attack

Cross Site History Manipulation

Cookie Bomb Attack

HTTP Request Smuggling

HRS Attack

LaTex Injection

XSS

Cross-Site Scripting

CSTI Attack

Client-Side Template Injection

CSS Injection

Server-Side Javascript Injection

SSJI Attack

File Inclusion

LFI & RFI

Brute Force

H2C Smuggling

ORM Injection

Github-Action Injection

SSRF

Server-Side Request Forgery

CRLF Injection

Command Injection

Click Jacking

CSRF

Cross-Site Request Forgery

Websocket Connection Smuggling

WCS Attack

HTTP Parameter Pollution

HPP Attack

Web Cache Deception

Open Redirect

XST

Cross-Site Tracing

GraphQL Injection

Reverse Tabnabbing

Path Traversal (Directory traversal)

Subdomain Takeover

Client-Side Desync Attack

CSD Attack

IDOR Attack

Insecure Direct Object Reference

Regex Injection

LDAP Injection

ESI Injection

Edge Side Include Injection

SNI Injection

OGNL Injection

Object-Graph Navigation Language Injection

NoSQL Injection

Web Cache Poisoning

EL Injection

Expression Language Injection

JSONP Hijacking

SQL Injection

JSON Hijacking

Insecure File Upload

Dependency Confusion