01
SQL Injection
SQLi
Bypass authentication via crafted SQL payloads. Extract confidential records from vulnerable databases.
VIEW TUTORIAL →
02
Cross-Site Scripting
XSS
Inject malicious scripts into web applications. Hijack sessions and exfiltrate sensitive data.
VIEW TUTORIAL →
03
Command Injection
CMDi
Execute arbitrary OS commands through vulnerable input handlers. Achieve remote code execution.
VIEW TUTORIAL →
04
Local File Inclusion
LFI
Traverse the filesystem to read sensitive files. Access configuration and credential stores.
VIEW TUTORIAL →
05
IDOR
Access Control
Enumerate object IDs to access unauthorized data. Break object-level authorization controls.
VIEW TUTORIAL →
06
JWT Exploitation
Auth Bypass
Forge authentication tokens using algorithm confusion attacks. Escalate privileges to admin.
VIEW TUTORIAL →
07
SSRF
Network
Force the server to make requests to internal services. Access cloud metadata and internal APIs.
VIEW TUTORIAL →
08
XML External Entity
XXE
Inject malicious XML entities to read files and trigger SSRF through vulnerable XML parsers.
VIEW TUTORIAL →
09
CSRF Bypass
CSRF
Forge cross-site requests to perform unauthorized actions on behalf of authenticated users.
VIEW TUTORIAL →
10
Insecure Deserialization
RCE
Exploit pickle deserialization to achieve arbitrary code execution on the target system.
VIEW TUTORIAL →
11
Blind SQLi
SQLi
Extract data without visible output using time-based CPU oracles and boolean inference techniques.
VIEW TUTORIAL →
12
JWT Algorithm Confusion
JWT
Exploit RS256 → HS256 algorithm switching to forge tokens signed with the public key as the secret.
VIEW TUTORIAL →
13
Log Injection
Log Injection
Inject malicious entries into SIEM log streams to trigger cross-site scripting in log viewers.
VIEW TUTORIAL →
14
Rate Limit Bypass
Rate Limit
Spoof IP headers to circumvent rate limiting controls and brute-force protected endpoints.
VIEW TUTORIAL →
15
HTTP Request Smuggling
Auth Bypass
Exploit CL.TE desync between front-end and back-end servers to poison request queues and bypass controls.
VIEW TUTORIAL →
16
GraphQL Introspection
Auth Bypass
Enumerate schema via introspection to discover hidden fields and exploit exposed admin mutations.
VIEW TUTORIAL →
17
NoSQL Injection
SQLi
Abuse MongoDB operator syntax to bypass authentication and extract data from document stores.
VIEW TUTORIAL →
18
SSTI — Jinja2 Sandbox Escape
RCE
Traverse Python's MRO chain inside a Jinja2 template to escape the sandbox and execute arbitrary code.
VIEW TUTORIAL →
19
OAuth2 Open Redirect
Auth Bypass
Steal authorization codes by injecting a malicious redirect URI into an OAuth2 authorization flow.
VIEW TUTORIAL →
20
DNS Rebinding
Network
Exploit TTL expiry to pivot through DNS rebinding and reach internal services from a browser context.
VIEW TUTORIAL →