The key topics include:
- AJAX (Asynchronous JavaScript and XML) Security / DOM Injection
- Authentication flaws
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- Injection flaws and Web Service JavaScript Injection
- Parameter tampering, log spoofing, silent attacks and others