Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Vulnerabilidades em sistemas web
Search
Daniel Romero
November 01, 2012
Programming
0
73
Vulnerabilidades em sistemas web
Algumas das vulnerabilidades mais exploradas em aplicações web.
Daniel Romero
November 01, 2012
Tweet
Share
More Decks by Daniel Romero
See All by Daniel Romero
Segurança on Rails
infoslack
0
91
Other Decks in Programming
See All in Programming
useSyncExternalStoreを使いまくる
ssssota
6
1k
今年一番支援させていただいたのは認証系サービスでした
satoshi256kbyte
1
250
わたしの星のままで一番星になる ~ 出産を機にSIerからEC事業会社に転職した話 ~
kimura_m_29
0
180
たのしいparse.y
ydah
3
120
20年もののレガシープロダクトに 0からPHPStanを入れるまで / phpcon2024
hirobe1999
0
110
コンテナをたくさん詰め込んだシステムとランタイムの変化
makihiro
1
120
Stackless и stackful? Корутины и асинхронность в Go
lamodatech
0
690
CQRS+ES の力を使って効果を感じる / Feel the effects of using the power of CQRS+ES
seike460
PRO
0
110
プロダクトの品質に コミットする / Commit to Product Quality
pekepek
2
770
Criando Commits Incríveis no Git
marcelgsantos
2
170
menu基盤チームによるGoogle Cloudの活用事例~Application Integration, Cloud Tasks編~
yoshifumi_ishikura
0
110
テストコード文化を0から作り、変化し続けた組織
kazatohiei
2
1.5k
Featured
See All Featured
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
45
2.2k
Gamification - CAS2011
davidbonilla
80
5.1k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
GraphQLの誤解/rethinking-graphql
sonatard
67
10k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
656
59k
Facilitating Awesome Meetings
lara
50
6.1k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
28
4.4k
Docker and Python
trallard
42
3.1k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
Optimising Largest Contentful Paint
csswizardry
33
3k
[RailsConf 2023] Rails as a piece of cake
palkan
53
5k
Bootstrapping a Software Product
garrettdimon
PRO
305
110k
Transcript
Vulnerabilidades em sistemas web
Primeiros passos • Vulnerabilidades • Técnicas • Ferramentas • OWASP
• SDL
Vulnerabilidades mais conhecidas • Injection • XSS • DdoS •
Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main
SQL Injection • https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet • http://www.unixwiz.net/techtips/sql-injection.html
XSS • https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet • http://hack.us/
DDos • http://ha.ckers.org/slowloris/
Ferramentas • http://sqlmap.org/ - GitHub • http://www.metasploit.com/ - GitHub •
http://arachni-scanner.com/ - GitHub • http://brakemanscanner.org/ - GitHub • http://www.openvas.org/
Prática, hora dos testes
None
Daniel Romero
[email protected]
@infolslack
infoslack
ssssota
satoshi256kbyte
kimura_m_29
ydah
hirobe1999
makihiro
lamodatech
seike460
pekepek
marcelgsantos
yoshifumi_ishikura
kazatohiei
tammyeverts
davidbonilla
marcelosomers
sonatard
lemiorhan
lara
kevinliebholz
trallard
afnizarnur
csswizardry
palkan
garrettdimon
![Daniel Romero [email protected] @infolslack](https://files.speakerdeck.com/presentations/5092ba059397c60002004c18/slide_9.jpg){kind=link}