Have web security testing experience using ZAP and Burp Suite in Server Side and Client Side areas
Server Side Web Security
1- Authentication
2- Directory traversal
3- Command injection
4- Business logic vulnerabilities
5- Information disclosure
6- Access control (Authorization)
7- File upload vulnerabilities
8- Server-side request forgery (SSRF)
9- SQL injection
10- XXE injection
Client Side Web Security
1- Cross-site scripting (XSS)
2- Cross-site request forgery (CSRF)
3- Cross-origin resource sharing (CORS)
4- Clickjacking
5- DOM-based vulnerabilities
6- WebSockets
Advanced Topics
1- Insecure deserialization
2- Server-side template injection
3- Web cache poisoning
4- HTTP Host header attacks
5- HTTP request smuggling
6- OAuth authentication
7- JWT attacks
9- IDOS
10- OAST