Techniques for Web Application Security Assessment

Hello there,

I’m interested into the realm of web application security assessment and I’m eager to expand my knowledge beyond the basics. While I’ve mastered the fundamentals of SQL injection, XSS, and CSRF, I’m now seeking guidance on more advanced techniques.

Could anyone recommend resources or provide insights into advanced topics like:-

Server-Side Request Forgery (SSRF) exploitation
XML External Entity (XXE) attacks
Remote Code Execution (RCE) vulnerabilities
File Inclusion vulnerabilities (LFI/RFI)
Deserialization attacks

Any suggestion would be highly appreciated.

Thankyou in advance.