Web Application
Web application attack techniques, vulnerability classes, and exploitation notes organized by category.
Table of contents
- API Testing
- Access Control
- Advanced SQLi
- Authentication
- Business Logic
- CORS and SOP
- CSRF
- Clickjacking
- DOM Based
- Essential Skills Labs
- File Inclusion Traversal
- File Upload Vulnerabilities
- GraphQL
- HTTP Host Header
- HTTP Request Smuggling
- Information Disclosure
- Insecure Deserialization
- JWT
- LDAP Injection
- Mystery Labs
- NoSQL Injection
- OAuth
- ORM Injection
- OS Injection
- Practice Test
- Prototype Pollution
- Race Conditions
- SQL Injection
- SSRF
- SSTI
- Server Side Vulnerabilities
- WebSockets
- Web Cache Deception
- Web Cache Poisoning
- Web LLM Attacks
- XSS
- XXE