• Intro
• Identifying IDORs
• Mass IDOR Enumeration
• Bypassing Encoded References
• IDOR in Insecure APIs
• Chaining IDOR Vulnerabilities
• IDOR Prevention