# EWAPTX

- [PHP Type Juggling](/0xsec/appsec/ewaptx/php-type-juggling.md)
- [CSP](/0xsec/appsec/ewaptx/csp.md)
- [SqlI](/0xsec/appsec/ewaptx/sqli.md): Server-Side Attacks
- [Information\_schema](/0xsec/appsec/ewaptx/sqli/information_schema.md)
- [WriteUps](/0xsec/appsec/ewaptx/sqli/writeups.md)
- [SSTI & CSTI](/0xsec/appsec/ewaptx/ssti-and-csti.md)
- [XSS\_HTML Injection](/0xsec/appsec/ewaptx/xss_html-injection.md): Reflected XSS Stored  XSS DOM XSS self XSS
- [CORS Attack](/0xsec/appsec/ewaptx/cors-attack.md)
- [Clickjacking](/0xsec/appsec/ewaptx/clickjacking.md)
- [Open redirect](/0xsec/appsec/ewaptx/open-redirect.md)
- [JSONP](/0xsec/appsec/ewaptx/jsonp.md)
- [LFI && LFD && RFI](/0xsec/appsec/ewaptx/lfi-and-and-lfd-and-and-rfi.md): Server-Side Attacks
- [HTTP Host header attacks](/0xsec/appsec/ewaptx/http-host-header-attacks.md)
- [CSRF](/0xsec/appsec/ewaptx/csrf.md)
- [XML injection](/0xsec/appsec/ewaptx/xml-injection.md)
- [XML external entity (XXE) injection](/0xsec/appsec/ewaptx/xml-external-entity-xxe-injection.md): https://app.beeceptor.com/
- [APIs &  JWT attacks](/0xsec/appsec/ewaptx/apis-and-jwt-attacks.md)
- [Insecure Deserialization](/0xsec/appsec/ewaptx/insecure-deserialization.md): Advanced Attack
- [OAUTH 2.0 authentication vulnerabilities](/0xsec/appsec/ewaptx/oauth-2.0-authentication-vulnerabilities.md): advanced Attack
- [Host Header Injection](/0xsec/appsec/ewaptx/host-header-injection.md)
- [Insecure Direct Object References (IDOR)](/0xsec/appsec/ewaptx/insecure-direct-object-references-idor.md)