Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Vulnerabilidades em sistemas web
Search
Daniel Romero
November 01, 2012
Programming
0
71
Vulnerabilidades em sistemas web
Algumas das vulnerabilidades mais exploradas em aplicações web.
Daniel Romero
November 01, 2012
Tweet
Share
More Decks by Daniel Romero
See All by Daniel Romero
Segurança on Rails
infoslack
0
88
Other Decks in Programming
See All in Programming
Temporalを取り巻く仕様を整理する
sajikix
0
120
20240706_CDKConf
takuyay0ne
0
1.2k
Folding Cheat Sheet #7
philipschwarz
PRO
0
150
なぜ宣言的 UI は壊れにくいのか / Why declarative UI is less fragile
uenitty
29
13k
Microservices rules (July 2024) : what good looks like
cer
PRO
0
1.6k
実用的かつリーズナブルな 「Azure × Gemini × LINE」~キャラクターBot 実装ライブデモ~
tomodo_ysys
1
170
SRE チーム立ち上げ前に考えたこと・取り組んだこと / Considerations and Preparations Before Establishing an SRE Team
mackey0225
3
320
Javaの現状2024夏 / Java current status 2024 summer
kishida
4
1.4k
The rollercoaster of releasing an Android, iOS, and macOS app with Kotlin Multiplatform | droidcon Berlin
prof18
0
110
Prompt FlowによるLLMアプリケーション開発
yuto2000
1
1k
CSC307 Lecture 07
javiergs
PRO
0
220
유연한 Composable 설계
l2hyunwoo
0
380
Featured
See All Featured
How STYLIGHT went responsive
nonsquared
93
5k
How To Stay Up To Date on Web Technology
chriscoyier
784
250k
Designing on Purpose - Digital PM Summit 2013
jponch
113
6.6k
Ruby is Unlike a Banana
tanoku
96
10k
Navigating Team Friction
lara
181
13k
Designing for Performance
lara
604
67k
Adopting Sorbet at Scale
ufuk
71
8.8k
The Illustrated Children's Guide to Kubernetes
chrisshort
39
47k
Faster Mobile Websites
deanohume
303
30k
The Power of CSS Pseudo Elements
geoffreycrofte
64
5.2k
Become a Pro
speakerdeck
PRO
15
4.8k
For a Future-Friendly Web
brad_frost
173
9.2k
Transcript
Vulnerabilidades em sistemas web
Primeiros passos • Vulnerabilidades • Técnicas • Ferramentas • OWASP
• SDL
Vulnerabilidades mais conhecidas • Injection • XSS • DdoS •
Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main
SQL Injection • https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet • http://www.unixwiz.net/techtips/sql-injection.html
XSS • https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet • http://hack.us/
DDos • http://ha.ckers.org/slowloris/
Ferramentas • http://sqlmap.org/ - GitHub • http://www.metasploit.com/ - GitHub •
http://arachni-scanner.com/ - GitHub • http://brakemanscanner.org/ - GitHub • http://www.openvas.org/
Prática, hora dos testes
None
Daniel Romero
[email protected]
@infolslack
infoslack
sajikix
takuyay0ne
philipschwarz
uenitty
cer
tomodo_ysys
mackey0225
kishida
prof18
yuto2000
javiergs
l2hyunwoo
nonsquared
chriscoyier
jponch
tanoku
lara
ufuk
chrisshort
deanohume
geoffreycrofte
speakerdeck
brad_frost
![Daniel Romero [email protected] @infolslack](https://files.speakerdeck.com/presentations/5092ba059397c60002004c18/slide_9.jpg){kind=link}