Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Vulnerabilidades em sistemas web

Avatar for Daniel Romero Daniel Romero
November 01, 2012
Programming
0
76

Vulnerabilidades em sistemas web

Algumas das vulnerabilidades mais exploradas em aplicações web.

Avatar for Daniel Romero

Daniel Romero

November 01, 2012
Tweet

More Decks by Daniel Romero

See All by Daniel Romero
Segurança on Rails
Avatar for Daniel Romero infoslack
0
100

Other Decks in Programming

See All in Programming
高度なUI/UXこそHotwireで作ろう Kaigi on Rails 2025
Avatar for Naofumi Kagami naofumi
4
3.8k
CSC305 Lecture 02
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
1
260
登壇は dynamic! な営みである / speech is dynamic
Avatar for Daichi KUDO da1chi
0
250
Swift Concurrency - 状態監視の罠
Avatar for Yuki Yasoshima objectiveaudio
2
490
After go func(): Goroutines Through a Beginner’s Eye
Avatar for Vaibhav Gupta 97vaibhav
0
320
(Extension DC 2025) Actor境界を越える技術
Avatar for Himeshi teamhimeh
1
250
Pythonスレッドとは結局何なのか? CPython実装から見るNoGIL時代の変化
Avatar for curekoshimizu curekoshimizu
5
1.7k
XP, Testing and ninja testing ZOZ5
Avatar for seki at druby.org m_seki
3
580
The Past, Present, and Future of Enterprise Java
Avatar for ivargrimstad ivargrimstad
0
200
Domain-centric? Why Hexagonal, Onion, and Clean Architecture Are Answers to the Wrong Question
Avatar for Oliver Drotbohm olivergierke
2
790
Conquering Massive Traffic Spikes in Ruby Applications with Pitchfork
Avatar for Shia riseshia
0
160
CSC509 Lecture 03
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
330

Featured

See All Featured
KATA
Avatar for Megan Lloyd mclloyd
32
15k
It's Worth the Effort
Avatar for 3n 3n
187
28k
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.2k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
162
15k
Designing for Performance
Avatar for Lara Hogan lara
610
69k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
368
20k
Helping Users Find Their Own Way: Creating Modern Search Experiences
Avatar for Dan Newman danielanewman
30
2.9k
Making the Leap to Tech Lead
Avatar for Ryan Cromwell cromwellryan
135
9.6k
The Art of Programming - Codeland 2020
Avatar for Erika Heidi erikaheidi
56
14k
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
45
7.7k
Fireside Chat
Avatar for paigeccino paigeccino
40
3.7k
How GitHub (no longer) Works
Avatar for Zach Holman holman
315
140k

Transcript

  1. Vulnerabilidades em sistemas web

  2. Primeiros passos • Vulnerabilidades • Técnicas • Ferramentas • OWASP

    • SDL

  3. Vulnerabilidades mais conhecidas • Injection • XSS • DdoS •

    Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main

  4. SQL Injection • https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet • http://www.unixwiz.net/techtips/sql-injection.html

  5. XSS • https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet • http://hack.us/

  6. DDos • http://ha.ckers.org/slowloris/

  7. Ferramentas • http://sqlmap.org/ - GitHub • http://www.metasploit.com/ - GitHub •

    http://arachni-scanner.com/ - GitHub • http://brakemanscanner.org/ - GitHub • http://www.openvas.org/

  8. Prática, hora dos testes

  9. None

  10. Daniel Romero [email protected] @infolslack