From be2c7a45e00c80cfe415c8d3189b56c73c65851d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Rainho?= Date: Tue, 27 Jul 2021 09:34:47 +0100 Subject: [PATCH] new checklist entry OAuth2: Security checklist --- README.md | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 8f83584..11af4a2 100644 --- a/README.md +++ b/README.md 
@@ -39,12 +39,13 @@ Name | Description [Web API Pentesting](https://book.hacktricks.xyz/pentesting/pentesting-web/web-api-pentesting) | HackTricks - Web API Pentesting ## Checklist -Author | Name | Description ----- | ---- | ---- -Shieldfy| [API-Security-Checklist](https://github.com/shieldfy/API-Security-Checklist) | Checklist of the most important security countermeasures when designing, testing, and releasing your API -Inon Shkedy | [31 days of API Security Tips](https://github.com/smodnix/31-days-of-API-Security-Tips) | This challenge is Inon Shkedy's 31 days API Security Tips. -APIOps Cycles | [API audit checklist](https://uploads.strikinglycdn.com/files/b483cf33-2873-4e89-abf3-77551f9fb0b0/API%20Audit%20checklist.pdf) | API Audit checklist -HolyBugx | [another API Security checklist](https://github.com/HolyBugx/HolyTips/blob/main/Checklist/API%20Security.pdf) | HolyTips: API security checklist +| Author | Name | Description | +| ------- | ---- | ------------| +| Shieldfy | [API-Security-Checklist](https://github.com/shieldfy/API-Security-Checklist) | Checklist of the most important security countermeasures when designing, testing, and releasing your API | +| Inon Shkedy | [31 days of API Security Tips](https://github.com/smodnix/31-days-of-API-Security-Tips) | This challenge is Inon Shkedy's 31 days API Security Tips | +| APIOps Cycles | [API audit checklist](https://uploads.strikinglycdn.com/files/b483cf33-2873-4e89-abf3-77551f9fb0b0/API%20Audit%20checklist.pdf) | API Audit checklist | +| HolyBugx | [another API Security checklist](https://github.com/HolyBugx/HolyTips/blob/main/Checklist/API%20Security.pdf) | HolyTips: API security checklist +| Binary Brotherhood| [OAuth2: Security checklist](https://web.archive.org/web/20210607123429/https://www.binarybrotherhood.io/oauth2_threat_model.html)| OAuth 2.0 Threat Model Pentesting Checklist | ## Training / Walkthrough / Labs Name | Description
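Review bot: the rewritten HolyBugx row in the Checklist table is missing its closing `|` (the line ends at `HolyTips: API security checklist`), while every other row of the converted table ends with ` |`; add it so the row matches the rest. The added Binary Brotherhood row also drops the spaces around its delimiters (`| Binary Brotherhood|` and `oauth2_threat_model.html)|`), which is inconsistent with the rows above it. The subject says "new checklist entry", but the hunk also converts the whole table to the leading and trailing pipe style and removes the final period from the Inon Shkedy description; either split the reformat into its own commit or mention it in the message so the one-row addition is easy to review. The new link targets a web.archive.org snapshot rather than the live page; if that is because the original is no longer reachable, say so in the commit message.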