Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Vulnerabilidades em sistemas web
Search
Daniel Romero
November 01, 2012
Programming
0
73
Vulnerabilidades em sistemas web
Algumas das vulnerabilidades mais exploradas em aplicações web.
Daniel Romero
November 01, 2012
Tweet
Share
More Decks by Daniel Romero
See All by Daniel Romero
Segurança on Rails
infoslack
0
94
Other Decks in Programming
See All in Programming
フロントエンドオブザーバビリティ on Google Cloud
yunosukey
0
110
Introduction to C Extensions
sylph01
3
130
Goで作るChrome Extensions / Fukuoka.go #21
n3xem
0
130
Rubyと自由とAIと
yotii23
6
1.9k
コミュニティ駆動 AWS CDK ライブラリ「Open Constructs Library」 / community-cdk-library
gotok365
2
260
[JAWS DAYS 2025] 最近の DB の競合解決の仕組みが分かった気になってみた
maroon1st
0
200
はじめてのIssueOps - GitHub Actionsで実現するコメント駆動オペレーション
tmknom
5
1.5k
責務と認知負荷を整える! 抽象レベルを意識した関心の分離
yahiru
9
1.6k
Amazon Bedrockマルチエージェントコラボレーションを諦めてLangGraphに入門してみた
akihisaikeda
1
180
ML.NETで始める機械学習
ymd65536
0
250
ナレッジイネイブリングにAIを活用してみる ゆるSRE勉強会 #9
nealle
0
170
データベースのオペレーターであるCloudNativePGがStatefulSetを使わない理由に迫る
nnaka2992
0
250
Featured
See All Featured
A Tale of Four Properties
chriscoyier
158
23k
What's in a price? How to price your products and services
michaelherold
244
12k
The Art of Programming - Codeland 2020
erikaheidi
53
13k
StorybookのUI Testing Handbookを読んだ
zakiyama
28
5.5k
Building a Modern Day E-commerce SEO Strategy
aleyda
38
7.1k
Practical Orchestrator
shlominoach
186
10k
Stop Working from a Prison Cell
hatefulcrawdad
268
20k
Thoughts on Productivity
jonyablonski
69
4.5k
A better future with KSS
kneath
238
17k
The Invisible Side of Design
smashingmag
299
50k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
100
18k
Measuring & Analyzing Core Web Vitals
bluesmoon
6
270
Transcript
Vulnerabilidades em sistemas web
Primeiros passos • Vulnerabilidades • Técnicas • Ferramentas • OWASP
• SDL
Vulnerabilidades mais conhecidas • Injection • XSS • DdoS •
Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main
SQL Injection • https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet • http://www.unixwiz.net/techtips/sql-injection.html
XSS • https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet • http://hack.us/
DDos • http://ha.ckers.org/slowloris/
Ferramentas • http://sqlmap.org/ - GitHub • http://www.metasploit.com/ - GitHub •
http://arachni-scanner.com/ - GitHub • http://brakemanscanner.org/ - GitHub • http://www.openvas.org/
Prática, hora dos testes
None
Daniel Romero
[email protected]
@infolslack
infoslack
yunosukey
sylph01
n3xem
yotii23
gotok365
maroon1st
tmknom
yahiru
akihisaikeda
ymd65536
nealle
nnaka2992
chriscoyier
michaelherold
erikaheidi
zakiyama
aleyda
shlominoach
hatefulcrawdad
jonyablonski
kneath
smashingmag
panda_program
bluesmoon
![Daniel Romero [email protected] @infolslack](https://files.speakerdeck.com/presentations/5092ba059397c60002004c18/slide_9.jpg){kind=link}