Vulnerabilities in web systems
Daniel Romero
November 01, 2012
Some of the most exploited vulnerabilities in web applications.
Transcript
Vulnerabilities in web systems

First steps
• Vulnerabilities
• Techniques
• Tools
• OWASP
• SDL

Best-known vulnerabilities
• Injection
• XSS
• DDoS
• Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main

SQL Injection
• https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet
• http://www.unixwiz.net/techtips/sql-injection.html

XSS
• https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
• http://hack.us/

DDoS
• http://ha.ckers.org/slowloris/

Tools
• http://sqlmap.org/ - GitHub
• http://www.metasploit.com/ - GitHub
• http://arachni-scanner.com/ - GitHub
• http://brakemanscanner.org/ - GitHub
• http://www.openvas.org/

Practice: time for testing
Daniel Romero
[email protected]
@infolslack