Table of Contents Web Security Server-side SQL injection Authentication Directory traversal Command injection Business logic vulnerabilities Information disclosure Broken access control File upload vulnerabilites Server-Side request forgery XXE injection Client-side Cross-site scripting Cross-site request forgery Cross-origin resourse sharing Clickjacking (current) DOM-based vulnerabilities WebSockets OSINT Google dorks Links Useful Shells Links GitHub ssh