Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Vulnerabilidades em sistemas web
Search
Daniel Romero
November 01, 2012
Programming
0
73
Vulnerabilidades em sistemas web
Algumas das vulnerabilidades mais exploradas em aplicações web.
Daniel Romero
November 01, 2012
Tweet
Share
More Decks by Daniel Romero
See All by Daniel Romero
Segurança on Rails
infoslack
0
91
Other Decks in Programming
See All in Programming
バックエンドのためのアプリ内課金入門 (サブスク編)
qnighy
1
170
カンファレンス動画鑑賞会のススメ / Osaka.swift #1
hironytic
0
190
サーバーゆる勉強会 DBMS の仕組み編
kj455
1
330
DevFest - Serverless 101 with Google Cloud Functions
tunmise
0
140
PHPとAPI Platformで作る本格的なWeb APIアプリケーション(入門編) / phpcon 2024 Intro to API Platform
ttskch
0
410
functionalなアプローチで動的要素を排除する
ryopeko
1
750
traP の部内 ISUCON とそれを支えるポータル / PISCON Portal
ikura_hamu
0
230
ESLintプラグインを使用してCDKのセオリーを適用する
yamanashi_ren01
2
270
Rubyでつくるパケットキャプチャツール
ydah
0
290
『改訂新版 良いコード/悪いコードで学ぶ設計入門』活用方法−爆速でスキルアップする!効果的な学習アプローチ / effective-learning-of-good-code
minodriven
29
4.6k
Immutable ActiveRecord
megane42
0
110
自動で //nolint を挿入する取り組み / Gopher's Gathering
utgwkk
1
150
Featured
See All Featured
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
6
210
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
11
890
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.6k
jQuery: Nuts, Bolts and Bling
dougneiner
63
7.6k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
113
50k
How GitHub (no longer) Works
holman
312
140k
Documentation Writing (for coders)
carmenintech
67
4.6k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.4k
Agile that works and the tools we love
rasmusluckow
328
21k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5.1k
Bootstrapping a Software Product
garrettdimon
PRO
305
110k
Transcript
Vulnerabilidades em sistemas web
Primeiros passos • Vulnerabilidades • Técnicas • Ferramentas • OWASP
• SDL
Vulnerabilidades mais conhecidas • Injection • XSS • DdoS •
Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main
SQL Injection • https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet • http://www.unixwiz.net/techtips/sql-injection.html
XSS • https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet • http://hack.us/
DDos • http://ha.ckers.org/slowloris/
Ferramentas • http://sqlmap.org/ - GitHub • http://www.metasploit.com/ - GitHub •
http://arachni-scanner.com/ - GitHub • http://brakemanscanner.org/ - GitHub • http://www.openvas.org/
Prática, hora dos testes
None
Daniel Romero
[email protected]
@infolslack
infoslack
qnighy
hironytic
kj455
tunmise
ttskch
ryopeko
ikura_hamu
yamanashi_ren01
ydah
minodriven
megane42
utgwkk
sergeychernyshev
honnibal
kastner
dougneiner
chriscoyier
aki_iinuma
holman
carmenintech
danielanewman
rasmusluckow
reverentgeek
garrettdimon
![Daniel Romero [email protected] @infolslack](https://files.speakerdeck.com/presentations/5092ba059397c60002004c18/slide_9.jpg){kind=link}