I would like to be work on this.

Please comment if you are still working on this issue, as it has been inactive for 90 days. To give everyone a chance to contribute, we are releasing it to new contributors.

I can do this, since they still seem to be in separate chapters.

Hows this for order? Unless you just wanted 7 added to the end of chapter 11

01-Testing_for_Reflected_Cross_Site_Scripting.md
02-Testing_for_Stored_Cross_Site_Scripting.md
03-Testing_for_HTTP_Verb_Tampering.md
04-Testing_for_HTTP_Parameter_Pollution.md
15-Testing_for_HTTP_Splitting_Smuggling.md
16-Testing_for_HTTP_Incoming_Requests.md
08-Testing_for_SSI_Injection.md
12-Testing_for_Command_Injection.md
13-Testing_for_Buffer_Overflow.md
13-Testing_for_Format_String_Injection.md
14-Testing_for_Incubated_Vulnerability.md
18-Testing_for_Server-side_Template_Injection.md
19-Testing_for_Server-Side_Request_Forgery.md
10-Testing_for_IMAP_SMTP_Injection.md
07-Testing_for_XML_Injection.md
09-Testing_for_XPath_Injection.md
05-Testing_for_SQL_Injection.md
05.1-Testing_for_Oracle.md
05.2-Testing_for_MySQL.md
05.3-Testing_for_SQL_Server.md
05.4-Testing_PostgreSQL.md
05.5-Testing_for_MS_Access.md
05.6-Testing_for_NoSQL_Injection.md
05.7-Testing_for_ORM_Injection.md
05.8-Testing_for_Client-side.md
11-Testing_for_Code_Injection.md
11.1-Testing_for_File_Inclusion.md
02-Testing_for_JavaScript_Execution.md
03-Testing_for_HTML_Injection.md
05-Testing_for_CSS_Injection.md
08-Testing_for_Cross_Site_Flashing.md
09-Testing_for_Clickjacking.md
10-Testing_WebSockets.md
11-Testing_Web_Messaging.md
12-Testing_Browser_Storage.md
13-Testing_for_Cross_Site_Script_Inclusion.md
04-Testing_for_Client-side_URL_Redirect.md
06-Testing_for_Client-side_Resource_Manipulation.md
01-Testing_for_DOM-based_Cross_Site_Scripting.md
01.1-Testing_for_Self_DOM_Based_Cross_Site_Scripting.md
07-Testing_Cross_Origin_Resource_Sharing.md
17-Testing_for_Host_Header_Injection.md
06-Testing_for_LDAP_Injection.md

No no, to be clear XSS is the only thing that's moving.

Any XSS scenarios that are currently in section 7 should move to section 11.

01-Testing_for_Reflected_Cross_Site_Scripting.md
02-Testing_for_Stored_Cross_Site_Scripting.md

Should move into a unified XSS section with DOM in 11. Something like:

01-Testing_for_Reflected_Cross_Site_Scripting.md
02-Testing_for_Stored_Cross_Site_Scripting.md
03-Testing_for_DOM-based_Cross_Site_Scripting.md
03.1-Testing_for_Self_DOM_Based_Cross_Site_Scripting.md

or

01 Testing for Cross Site Scripting
01.1-Testing_for_Reflected_Cross_Site_Scripting.md
01.2-Testing_for_Stored_Cross_Site_Scripting.md
01.3-Testing_for_DOM-based_Cross_Site_Scripting.md
01.4-Testing_for_Self_DOM_Based_Cross_Site_Scripting.md

Something along those lines. Have a look at it, have a look at how SQLi is done since this could be similar.

^ edited: had further thoughts 😉

Ok great, thanks for the clarification! I'm double-checking section 7 now

I deleted my last comment, was looking at the wrong tab!

Those are already in 11 👍

Yeah, there was a sudden bit of chaos in the house and I realized with the distraction I'd been looking at 11 not 7

All good, been there.