Idor

Complete API pentesting checklist with OWASP API Top 10 (2023), BOLA/IDOR tests, JWT and OAuth checks, GraphQL security testing, SSRF payloads, business logic abuse scenarios, and reporting guidance.