Insecure deserialization occurs when attacker-controlled data is deserialized by the website, allowing an attacker to manipulate serialized objects in order to pass harmful data.
Cross-site scripting (XSS) is a web security vulnerability that allows an attacker to compromise interactions that users have with the vulnerable application.
Drozer is an Android security testing framework developed by WithSecure Labs. It tests for security vulnerabilities in Android applications and devices by assuming the role of the target application and interacting with the Android Runtime and other applications' IPC.
GraphQL is an open-source data query and manipulation language for APIs. It enables serving API data for both mobile and web applications. GraphQL is an alternative to REST and gRPC.
Information disclosure is a web vulnerability that leaks sensitive information to an application's users. Leaked information may include other users' sensitive information, usernames and passwords, intellectual property, source code, etc., depending on the context of the application.
Directory traversal is a web vulnerability that allows an attacker to access unauthorized resources outside the root server directory due to the way the server handles files.