the most popular attacks are remote file inclusion attempts, every day there are some in my logs, on "good" days it can be even 100+....followed by XSS attempts.
if you want to get into exploiting techniques get "The Shellcoder's Handbook" from our downloads, it's THE classic....