A list about me, which is not a complete list of my competences, and will continue to grow as I live on.

A list about me, which is not a complete list of my competences, and will continue to grow as I live on.

I am:

  • David van der Sluis
  • A Web developer
  • A Scoutleader
  • Working Fulltime as a Web developer
  • Working parttime as a Freelancer.
  • Living in Holland, Rotterdam
  • a Security and privacy freak:
  • Getting my OSCP-certification from the Offensive-Security guys!
  • I am a ZCE(Zend Certified Engineer)
  • A Bitcoin (& Litecoin, Primecoin) enthusiast


I have experience with:

  • Several Security issues(SQL-injection, XSS, XSRF, Session-Hijacking, directory-traversal, DNS Zone transfer, NetBios flaws, SNMP flaws, SMTP flaws, Stack and SEH overflows, different types of (d)DOS: smurf, slow loris etc), and how to prevent abuse (Tarpits, SSL/TSL, faked flaws, hashing, encryption, parity encoding(like Hamming), input validation, etc).
    Several auditing tools (Nmap & NetCat, Maltego, WireShark, John the Ripper, Enumeration scripts(snmpwalk, theHarvester, smbcheck), Metasploit/Nessus, custom fuzzers)
  • OllyDBG, Immunity, GDB, etc
  • PHP (4,) 5 and 5.3 – 5.5 conversions
  • MySQL 4 & 5
  • XML & XSLT
  • HTML & CSS 2&3
  • Ajax
  • JavaScript & JS Libraries(jQuery (UI), jqPlot, Prototype)
  • Perl 5
  • Python 2.7 – 3.2
  • Regular Expressions (JavaScript, Perl, POSIX)
  • Shellscript (Bash, php-cli)
  • Web “Application” development for embedded devices (Synology-style)
  • basic UXD best practices
  • Various Design Patterns
  • MVC (O.O.) style development
  • WebServices(SOAP, RESTful, JSON) / API’s
  • Browser-glitches (IE, FF, Chrome, Safari)
  • openSSL
  • Strong believer in revisioncontrol like Subversion, GIT, Mercurial
  • Apache, nginx, IIS
  • DB Design (drawing ERD’s , usually normalised to Boyce-Codd)
  • Linux (Debian, OpenSUSE, CentOS, RedHat, Kali) Administration
  • Crypto-Currencies: Bitcoin, Litecoin, Primecoin and Namecoin

Specialties:

  • Webdevelopment
  • (Web)Security, Pentesting