Although nomenclatures don't help much when you are facing a security problem, I am keeping this list for a systematic organization. It has regularly been updated.

In addition to this list, you can check some specific web exploration older posts: Exploiting the web in 20 lessons and D-Camp CTF ...

Last weekend I played some of the DEFCAMP CTF Quals. It was pretty intense. For (my own) organizational purposes, I made a list of all the technologies and vulnerabilities found in this CTF, some based on my team's game, some based on the CTF write-ups git repo.

Vulnerabilities

Remote ...