NoSQL Injection

SNI Injection

SSRF

Server-Side Request Forgery

Log Injection

Click Jacking

Client-Side Desync Attack

CSD Attack

Regex Injection

CSV Injection

SAML Injection

Relative Path Overwrite

RPO Attack

Type Juggling

Loose Comparison Bug

XSS

Cross-Site Scripting

CSTI Attack

Client-Side Template Injection

Command Injection

Web Cache Poisoning

XSHM Attack

Cross Site History Manipulation

IDOR Attack

Insecure Direct Object Reference

Subdomain Takeover

File Inclusion

LFI & RFI

Dependency Confusion

CSWSH Attack

Cross-Site WebSocket Hijacking

SSTI Attack

Server-Side Template Injection

Web Cache Deception

Insecure Deserialization

Open Redirect

CSS Injection

OGNL Injection

Object-Graph Navigation Language Injection

ESI Injection

Edge Side Include Injection

SQL Injection

GraphQL Injection

Github-Action Injection

Server-Side Javascript Injection

SSJI Attack

JSONP Hijacking

CSRF

Cross-Site Request Forgery

JSON Hijacking

Zip Bomb

XS-Leaks

RFD Attack

Remote File Download

Reverse Tabnabbing

ORM Injection

Insecure File Upload

LDAP Injection

XST

Cross-Site Tracing

HTTP Request Smuggling

HRS Attack

XXE

XML External Entity

Path Traversal (Directory traversal)

H2C Smuggling

Websocket Connection Smuggling

WCS Attack

Email Injection

SMTP Injection & Mail Injection

DOM Clobbering

ReDOS Attack

Regex DOS

EL Injection

Expression Language Injection

HTTP Parameter Pollution

HPP Attack

Cookie Bomb Attack

Zip Slip

CRLF Injection

Prototype Pollution

Brute Force

LaTex Injection