Exploiting Web Socket vulnerabilities.
Circumventing web application client side controls.
Exploiting REST based API’s.
Identifying and exploiting CSP misconfigurations.
Exploiting SSRF vulnerabilities.
Modifying JWT values to elevate privileges.
Exploiting loose comparison operations.
Triggering code execution through object deserialisation.
Exploiting command injection vulnerabilities.
Exploiting common Tomcat vulnerabilities.
Exploiting file upload vulnerabilities to execute arbitrary code.
SQL Injection for MySQL databases.