Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.
Examine a common security vulnerability, Cross-Site Scripting (XSS).
Learn about code injection vulnerabilities with the Pentester’s Guide to Code Injection.
Server-side template injection is a vulnerability where the attacker injects malicious input into a template to execute commands on the server-side.
Read the Pentester’s Guide to File Inclusion for key insights into this common vulnerability.
Learn about situations where XXE can be leveraged to perform server-side request forgery (SSRF) attacks to compromise the underlying server or other back-end infrastructure.