[+] Sql Injection Attack

[+] Hibernate Query Language Injection

[+] Direct OS Code Injection

[+] XML Entity Injection

[+] Broken Authentication and Session

Management

[+] Cross-Site Scripting (XSS)

[+] Insecure Direct Object References

[+] Security Misconfiguration

[+] Sensitive Data Exposure

[+] Missing Function Level Access Control

[+] Cross-Site Request Forgery (CSRF)

[+] Using Components with Known Vulnerabilities

[+] Unvalidated Redirects and Forwards

[+] Cross Site Scripting Attacks

[+] Click Jacking Attacks

[+] DNS Cache Poisoning

[+] Symlinking – An Insider Attack

[+] Cross Site Request Forgery Attacks

[+] Remote Code Execution Attacks

[+] Remote File inclusion

[+] Local file inclusion

[+] EverCookie

[+] Denial oF Service Attack

[+] Cookie Eviction

[+] PHPwn

[+] NAT Pinning

[+] XSHM

[+] MitM DNS Rebinding SSL/TLS Wildcards and

XSS

[+] Quick Proxy Detection

[+] Improving HTTPS Side Channel Attacks

[+] Side Channel Attacks in SSL

[+] Turning XSS into Clickjacking

[+] Bypassing CSRF protections with Click

Jacking and

[+] HTTP Parameter Pollution

[+] URL Hijacking

[+] Stroke Jacking

[+] Fooling B64_Encode(Payload) on WAFs And

Filters

[+] MySQL Stacked Queries with SQL Injection

[+] Posting Raw XML cross-domain

[+] Generic Cross-Browser Cross-Domain thef

[+] Attacking HTTPS with Cache Injection

[+] Tap Jacking

[+] XSS - Track

[+] Next Generation Click Jacking

[+] XSSing Client-Side Dynamic HTML

[+] Stroke triggered XSS and Stroke Jacking

[+] Lost iN Translation

[+] Persistent Cross Interface Attacks

[+] Chronofeit Phishing

[+] SQLi Filter Evasion Cheat Sheet (MySQL)

[+] Tabnabbing

[+] UI Redressing

[+] Cookie Poisoning

[+] SSRF

[+] Bruteforce of PHPSESSID

[+] Blended Threats and JavaScript

[+] Cross-Site Port Attacks

[+] CAPTCHA Re-Riding Attack