List of best practices and pentest tools to prevent/attack common and complex vulnerability on web component (API, Oauth, JWT, ...