Mastering the Basics of API Security Testing