Vulnerabilities

• API security testing
• Authentication
• Broken Access Control (BAC)
• Business logic vulnerabilities
• Clickjacking
• CORS misconfiguration
• Cross-Site Request Forgery (CSRF)
• File upload vulnerabilities
• GraphQL API
• Host header injection
• HTTP request smuggling
• Information disclosure
• Insecure deserialization
• JWT
• NoSQL injection
• OAuth 2.0
• OS command injection
• Path traversal
• Prototype pollution
• Race conditions
• SQL injection
• SSRF
• SSTI
• Web cache deception
• Web cache poisoning
• Web LLM
• WebSockets
• XSS
• XXE