13 Nov 2017

Practical Security | Web Based Security Best Practices

My personal introduction | Why am I talking about security?

I'm Ron van der Molen, the owner of Wizkunde, and ever since I was young, I've been intrigued by the concepts of hacking. I started learning the ways in the Dutch community for it when I was 15 years old. That's well over 20 years ago now.

My personal passion for development even sparked when I was about 6 years old. My parents bought books for the Commodore 64 which we owned, and these books had pieces of code inside of them which were mostly cheat codes for the games we had. I started programming at that age by literally typing over the codes and hoping for the best. At 6 years old, though, I learned the significance of a mistake caused by one wrong letter. Now that's a lesson, ain't it!

In the years that followed I have always loved information security. I started to go to local communities like the Dutch Klaphek meeting, and I went to several large events like What The Heck, Outerbrains and nearly every Dutch information security congress there was at that time. At some point I even got to meet the amazing Kevin Mitnick, who is a world-renowned social engineer who accumulated quite some fame as he was (I believe) the first hacker who ever got to do some serious jail time as a form of example. Social engineering is exploiting the human aspect in order to gain access or information which would otherwise not have been available to you. He wrote books about social engineering and I bought one of his books, named "The Art of Deception". When I met him he signed it for me, and I'm still the proud owner of that book today.

During my time in the Dutch army in 2000-2005, I was an electronic counter intelligence corporal in a training unit named "Electronic Counter Counter Measures Training Platoon", which was there to look at our own army units instead of at the enemies. Even though this was more oriented to radio procedures and what to communicate, how to communicate and how intelligence can be used to either prevent casualties internally, this was one of the best environments one could be in when it comes to understanding the importance of information security.


What is a hacker

No, I know what you are thinking. But not all hackers are scamming, destructive bastards who want to see the world burn. We're creative people who tend to solve challenges in a constructive and creative manner. This includes challenges outside of the digital world. So if you're asked to make an extremely large application with millions of users per day perform fast and reliably, you could be a hacker when you find creative ways to do so. But yes, this could also include breaking security if needed and understanding how to counter that.

The definition

There's really not a single definition of a hacker. There have been many trying to explain the differences between hackers, crackers and phreakers, or answering endless questions about the color of the hat one's wearing. I won't even try to label myself or anyone who calls him or herself a hacker.

My definition?

Someone who gets any job done, creatively and is willing to go outside the box.


About the presentation

This presentation is one that I've presented in several communities inside the Netherlands around 2014. It's great to learn about the most commonly used hacking techniques these days. The tips and explanations in this slide have been valid ever since the internet became popular and will matter for years to come.

Got Questions?

Feel free to contact me through the website and maybe I can help you out in your endeavours of staying safe.
