Resources

We created a list with a lot of resources that can help you to learn more about security vulnerabilities.

Cross-site scripting (XSS)
Uber Bug Bounty: Turning Self-XSS into Good-XSS
XSS Filter Evasion Cheat Sheet
HTML5 Security Cheatsheet
XSS Hunter
Cure53 XSSmas Challenge

CSP / CSP Bypasses
Content Security Policy (CSP) Quick Reference Guide
W3 - Content Security Policy Level 3
CSP Evaluator
H5SC Minichallenge 3, sh*t, it's CSP!

Command injections
Unix Command Injection Cheat Sheet
Testing for Command Injection
Exploiting Java Deserialization Via JBoss

SOP/Origin bypassing/Cross-SOP Data Leaking
JSON hijacking for the modern web
Exploiting Insecure crossdomain.xml to Bypass Same Origin Policy

Insecure Direct Object References
Using Burp to Test for Insecure Direct Object References
Twitter Vulnerability Could Delete Credit Cards from Any Twitter Account

XML External Entity
XML External Entity (XXE) Processing
Apple Pages, Numbers, Keynote Input Validation and XXE
Out of Band XML External Entity Injection via SAML

Resources
This is a page with resources.