Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Vulnerabilidades em sistemas web
Search
Daniel Romero
November 01, 2012
Programming
0
74
Vulnerabilidades em sistemas web
Algumas das vulnerabilidades mais exploradas em aplicações web.
Daniel Romero
November 01, 2012
Tweet
Share
More Decks by Daniel Romero
See All by Daniel Romero
Segurança on Rails
infoslack
0
98
Other Decks in Programming
See All in Programming
今だからこそ入門する Server-Sent Events (SSE)
nearme_tech
PRO
3
160
Rancher と Terraform
fufuhu
2
280
Navigating Dependency Injection with Metro
zacsweers
3
250
MCPとデザインシステムに立脚したデザインと実装の融合
yukukotani
4
1.4k
Android 16 × Jetpack Composeで縦書きテキストエディタを作ろう / Vertical Text Editor with Compose on Android 16
cc4966
1
200
ソフトウェアテスト徹底指南書の紹介
goyoki
1
150
AIコーディングAgentとの向き合い方
eycjur
0
270
モバイルアプリからWebへの横展開を加速した話_Claude_Code_実践術.pdf
kazuyasakamoto
0
320
開発チーム・開発組織の設計改善スキルの向上
masuda220
PRO
20
11k
Testing Trophyは叫ばない
toms74209200
0
860
Amazon RDS 向けに提供されている MCP Server と仕組みを調べてみた/jawsug-okayama-2025-aurora-mcp
takahashiikki
1
110
今から始めるClaude Code入門〜AIコーディングエージェントの歴史と導入〜
nokomoro3
0
130
Featured
See All Featured
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
12
1.1k
Imperfection Machines: The Place of Print at Facebook
scottboms
268
13k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.4k
Building Better People: How to give real-time feedback that sticks.
wjessup
368
19k
Music & Morning Musume
bryan
46
6.8k
Facilitating Awesome Meetings
lara
55
6.5k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.4k
Stop Working from a Prison Cell
hatefulcrawdad
271
21k
Optimising Largest Contentful Paint
csswizardry
37
3.4k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
333
22k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.9k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
139
34k
Transcript
Vulnerabilidades em sistemas web
Primeiros passos • Vulnerabilidades • Técnicas • Ferramentas • OWASP
• SDL
Vulnerabilidades mais conhecidas • Injection • XSS • DdoS •
Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main
SQL Injection • https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet • http://www.unixwiz.net/techtips/sql-injection.html
XSS • https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet • http://hack.us/
DDos • http://ha.ckers.org/slowloris/
Ferramentas • http://sqlmap.org/ - GitHub • http://www.metasploit.com/ - GitHub •
http://arachni-scanner.com/ - GitHub • http://brakemanscanner.org/ - GitHub • http://www.openvas.org/
Prática, hora dos testes
None
Daniel Romero
[email protected]
@infolslack
infoslack
nearme_tech
fufuhu
zacsweers
yukukotani
cc4966
goyoki
eycjur
kazuyasakamoto
masuda220
toms74209200
takahashiikki
nokomoro3
tammyeverts
scottboms
philnash
wjessup
bryan
lara
thoeni
hatefulcrawdad
csswizardry
caitiem20
danielanewman
eileencodes
![Daniel Romero [email protected] @infolslack](https://files.speakerdeck.com/presentations/5092ba059397c60002004c18/slide_9.jpg){kind=link}