Password Reset

Test For Rate Limiting
Check if the Password reset link is expiring
Check if the reset link can be reused
Try to If you can use Password reset link even after email change
Use array In email parameter if existing {"email_address":["[email protected]","[email protected]"]}
On password reset link, remove the token
Access password reset endpoint without token while authenticated
See if the token is being leaked in the referer header
IDN homographic attack (look at the reference)