Skip to content

Knowledge Base

Johan Beysen


Wat is dit?

Persoonlijke kennisbank voor cybersecurity, netwerken, databanken en tools.


Inhoud

Web Application Security

Pagina Onderwerp
SQL Injection SQLi detectie, UNION attacks, blind SQLi, cheat sheet
Broken Access Control IDOR, privilege escalation
Horizontal & Vertical Access Control Concept uitleg
XSS Reflected, stored, DOM-based, filter bypasses
CORS SOP, misconfiguraties, exploitatie
Information Disclosure Headers, error pages, .git exposure
Authentication Bypass Username enum, brute force, logic flaws, MFA bypass
SSRF Server-Side Request Forgery
Path Traversal Directory traversal aanvallen
File Upload Vulnerabilities Upload bypass technieken
Server Side Vulnerabilities Path traversal, SSRF, file upload, command injection
Webapp Pentest Stappenplan OWASP-gebaseerd stappenplan

API Security

Pagina Onderwerp
API Testing Recon, endpoints, server-side parameter pollution
API Testing Tasklist OWASP API Top 10 checklist
JWT Tokens JWT structuur, aanvallen, algorithm confusion

Tools

Pagina Onderwerp
Nmap Port scanning, service detection, NSE scripts
Mimikatz Credential dumping, Kerberos, DCSync
Atomic Red Team Detection validation, purple teaming, ATT&CK
AMSI Testing Antimalware Scan Interface testing
EICAR Testing AV validatie met EICAR test file
Arya OT/ICS security scanner

Overig

Pagina Onderwerp
Markdown Cheatsheet MkDocs/Material syntax referentie

MkDocs commando's

mkdocs serve    # Live preview op http://localhost:8000
mkdocs build    # Statische site genereren