SQLi XSS CSRF Clickjacking DOM Based Vuln CORS XXE Injection SSRF HTTP Smuggling OS Injection Server Side Template Injection Path Traversal Access Control Vulnerabilities Authentication WebSockets Web cache poisoning Insecure Deserialisation Information disclosure Business Logic Vulnerabilities HTTP Host header attacks OAuth authentication File upload vulnerabilities JWT Essential skills Prototype pollution Race conditions NoSQL injection API Testing Web LLM