Introduction to Web Attacks
HTTP Verb Tampering
Insecure Direct Object References (IDOR)
XML External Entity (XXE) Injection