$30 off During Our Annual Pro Sale. View Details »
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Vulnerabilidades em sistemas web
Search
Daniel Romero
November 01, 2012
Programming
0
77
Vulnerabilidades em sistemas web
Algumas das vulnerabilidades mais exploradas em aplicações web.
Daniel Romero
November 01, 2012
Tweet
Share
More Decks by Daniel Romero
See All by Daniel Romero
Segurança on Rails
infoslack
0
110
Other Decks in Programming
See All in Programming
これだけで丸わかり!LangChain v1.0 アップデートまとめ
os1ma
6
1.8k
S3 VectorsとStrands Agentsを利用したAgentic RAGシステムの構築
tosuri13
6
300
複数人でのCLI/Infrastructure as Codeの暮らしを良くする
shmokmt
5
2.3k
AIコーディングエージェント(Manus)
kondai24
0
170
認証・認可の基本を学ぼう後編
kouyuume
0
180
Microservices rules: What good looks like
cer
PRO
0
1.2k
エディターってAIで操作できるんだぜ
kis9a
0
710
AIエージェントを活かすPM術 AI駆動開発の現場から
gyuta
0
380
ゲームの物理 剛体編
fadis
0
330
堅牢なフロントエンドテスト基盤を構築するために行った取り組み
shogo4131
8
2.3k
令和最新版Android Studioで化石デバイス向けアプリを作る
arkw
0
390
Tinkerbellから学ぶ、Podで DHCPをリッスンする手法
tomokon
0
120
Featured
See All Featured
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
253
22k
For a Future-Friendly Web
brad_frost
180
10k
Imperfection Machines: The Place of Print at Facebook
scottboms
269
13k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
285
14k
GraphQLの誤解/rethinking-graphql
sonatard
73
11k
Making the Leap to Tech Lead
cromwellryan
135
9.7k
Music & Morning Musume
bryan
46
7k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
47
7.9k
A designer walks into a library…
pauljervisheath
210
24k
YesSQL, Process and Tooling at Scale
rocio
174
15k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
9
1k
Building Better People: How to give real-time feedback that sticks.
wjessup
370
20k
Transcript
Vulnerabilidades em sistemas web
Primeiros passos • Vulnerabilidades • Técnicas • Ferramentas • OWASP
• SDL
Vulnerabilidades mais conhecidas • Injection • XSS • DdoS •
Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main
SQL Injection • https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet • http://www.unixwiz.net/techtips/sql-injection.html
XSS • https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet • http://hack.us/
DDos • http://ha.ckers.org/slowloris/
Ferramentas • http://sqlmap.org/ - GitHub • http://www.metasploit.com/ - GitHub •
http://arachni-scanner.com/ - GitHub • http://brakemanscanner.org/ - GitHub • http://www.openvas.org/
Prática, hora dos testes
None
Daniel Romero
[email protected]
@infolslack
infoslack
os1ma
tosuri13
shmokmt
kondai24
kouyuume
cer
kis9a
gyuta
fadis
shogo4131
arkw
tomokon
smashingmag
brad_frost
scottboms
stephaniewalter
sonatard
cromwellryan
bryan
eileencodes
pauljervisheath
rocio
addyosmani
wjessup
![Daniel Romero [email protected] @infolslack](https://files.speakerdeck.com/presentations/5092ba059397c60002004c18/slide_9.jpg){kind=link}