HAHWUL

Client-Side Desync Attack

DECEMBER 23, 2022

CSD Attack

Client-Side Template Injection

Email Injection

MAY 22, 2022

SMTP Injection & Mail Injection

Github-Action Injection

MAY 21, 2022

XSS

AUGUST 12, 2021

Cross-Site Scripting

Type Juggling

MAY 01, 2022

Loose Comparison Bug

IDOR Attack

APRIL 30, 2022

Insecure Direct Object Reference

JSONP Hijacking

SEPTEMBER 05, 2021

CSRF

AUGUST 12, 2021

Cross-Site Request Forgery

Cookie Bomb Attack

OCTOBER 16, 2021

XST

OCTOBER 08, 2021

Cross-Site Tracing

SSRF

AUGUST 12, 2021

Server-Side Request Forgery

XSHM Attack

APRIL 09, 2022

Cross Site History Manipulation

HTTP Parameter Pollution

SEPTEMBER 20, 2021

HPP Attack

ESI Injection

DECEMBER 19, 2021

Edge Side Include Injection

Subdomain Takeover

SEPTEMBER 21, 2022

SAML Injection

MAY 01, 2022

SSTI Attack

NOVEMBER 22, 2021

Server-Side Template Injection

EL Injection

JUNE 19, 2022

Expression Language Injection

CRLF Injection

SEPTEMBER 07, 2021

RFD Attack

NOVEMBER 01, 2021

Remote File Download

GraphQL Injection

AUGUST 09, 2022

Zip Slip

SEPTEMBER 20, 2021

XS-Leaks

MAY 07, 2022

JSON Hijacking

SEPTEMBER 05, 2021

HTTP Request Smuggling

JANUARY 12, 2021

HRS Attack

CSS Injection

JUNE 04, 2022

Insecure File Upload

JULY 03, 2022

CSV Injection

SEPTEMBER 07, 2021

Regex Injection

MARCH 30, 2022

Log Injection

APRIL 07, 2022

Command Injection

SEPTEMBER 10, 2021

NoSQL Injection

JUNE 17, 2022

Dependency Confusion

NOVEMBER 22, 2021

File Inclusion

JUNE 25, 2022

LFI & RFI

DOM Clobbering

OCTOBER 08, 2021

Websocket Connection Smuggling

AUGUST 12, 2021

WCS Attack

ReDOS Attack

MARCH 30, 2022

Regex DOS

SNI Injection

MARCH 09, 2023

LaTex Injection

APRIL 09, 2022

XXE

JANUARY 27, 2022

XML External Entity

Insecure Deserialization

FEBRUARY 20, 2022

SQL Injection

OCTOBER 16, 2021

Zip Bomb

FEBRUARY 04, 2023

ORM Injection

SEPTEMBER 07, 2022

Brute Force

APRIL 10, 2022

Relative Path Overwrite

FEBRUARY 27, 2022

RPO Attack

Click Jacking

OCTOBER 26, 2021

CSWSH Attack

AUGUST 23, 2021

Cross-Site WebSocket Hijacking

Web Cache Deception

NOVEMBER 21, 2021

H2C Smuggling

AUGUST 12, 2021

Web Cache Poisoning

OCTOBER 26, 2021

Reverse Tabnabbing

AUGUST 12, 2021

OGNL Injection

JUNE 19, 2022

Object-Graph Navigation Language Injection

Server-Side Javascript Injection

More Articles

Client-Side Desync Attack

Path Traversal (Directory traversal)

LDAP Injection

Open Redirect

Prototype Pollution

CSTI Attack

Email Injection

Github-Action Injection

XSS

Type Juggling

IDOR Attack

JSONP Hijacking

CSRF

Cookie Bomb Attack

XST

SSRF

XSHM Attack

HTTP Parameter Pollution

ESI Injection

Subdomain Takeover

SAML Injection

SSTI Attack

EL Injection

CRLF Injection

RFD Attack

GraphQL Injection

Zip Slip

XS-Leaks

JSON Hijacking

HTTP Request Smuggling

CSS Injection

Insecure File Upload

CSV Injection

Regex Injection

Log Injection

Command Injection

NoSQL Injection

Dependency Confusion

File Inclusion

DOM Clobbering

Websocket Connection Smuggling

ReDOS Attack

SNI Injection

LaTex Injection

XXE

Insecure Deserialization

SQL Injection

Zip Bomb

ORM Injection

Brute Force

Relative Path Overwrite

Click Jacking

CSWSH Attack

Web Cache Deception

H2C Smuggling

Web Cache Poisoning

Reverse Tabnabbing

OGNL Injection