Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Vulnerabilidades em sistemas web
Search
Daniel Romero
November 01, 2012
Programming
0
76
Vulnerabilidades em sistemas web
Algumas das vulnerabilidades mais exploradas em aplicações web.
Daniel Romero
November 01, 2012
Tweet
Share
More Decks by Daniel Romero
See All by Daniel Romero
Segurança on Rails
infoslack
0
100
Other Decks in Programming
See All in Programming
高度なUI/UXこそHotwireで作ろう Kaigi on Rails 2025
naofumi
4
3.8k
CSC305 Lecture 02
javiergs
PRO
1
260
登壇は dynamic! な営みである / speech is dynamic
da1chi
0
250
Swift Concurrency - 状態監視の罠
objectiveaudio
2
490
After go func(): Goroutines Through a Beginner’s Eye
97vaibhav
0
320
(Extension DC 2025) Actor境界を越える技術
teamhimeh
1
250
Pythonスレッドとは結局何なのか? CPython実装から見るNoGIL時代の変化
curekoshimizu
5
1.7k
XP, Testing and ninja testing ZOZ5
m_seki
3
580
The Past, Present, and Future of Enterprise Java
ivargrimstad
0
200
Domain-centric? Why Hexagonal, Onion, and Clean Architecture Are Answers to the Wrong Question
olivergierke
2
790
Conquering Massive Traffic Spikes in Ruby Applications with Pitchfork
riseshia
0
160
CSC509 Lecture 03
javiergs
PRO
0
330
Featured
See All Featured
KATA
mclloyd
32
15k
It's Worth the Effort
3n
187
28k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
12
1.2k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
15k
Designing for Performance
lara
610
69k
Building Better People: How to give real-time feedback that sticks.
wjessup
368
20k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
30
2.9k
Making the Leap to Tech Lead
cromwellryan
135
9.6k
The Art of Programming - Codeland 2020
erikaheidi
56
14k
Testing 201, or: Great Expectations
jmmastey
45
7.7k
Fireside Chat
paigeccino
40
3.7k
How GitHub (no longer) Works
holman
315
140k
Transcript
Vulnerabilidades em sistemas web
Primeiros passos • Vulnerabilidades • Técnicas • Ferramentas • OWASP
• SDL
Vulnerabilidades mais conhecidas • Injection • XSS • DdoS •
Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main
SQL Injection • https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet • http://www.unixwiz.net/techtips/sql-injection.html
XSS • https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet • http://hack.us/
DDos • http://ha.ckers.org/slowloris/
Ferramentas • http://sqlmap.org/ - GitHub • http://www.metasploit.com/ - GitHub •
http://arachni-scanner.com/ - GitHub • http://brakemanscanner.org/ - GitHub • http://www.openvas.org/
Prática, hora dos testes
None
Daniel Romero
[email protected]
@infolslack