Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Vulnerabilidades em sistemas web

Vulnerabilidades em sistemas web

Algumas das vulnerabilidades mais exploradas em aplicações web.

Daniel Romero

November 01, 2012
Tweet

More Decks by Daniel Romero

Other Decks in Programming

Transcript

  1. Vulnerabilidades em sistemas web

    View Slide

  2. Primeiros passos

    Vulnerabilidades

    Técnicas

    Ferramentas

    OWASP

    SDL

    View Slide

  3. Vulnerabilidades mais conhecidas

    Injection

    XSS

    DdoS

    Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main

    View Slide

  4. SQL Injection

    https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet

    http://www.unixwiz.net/techtips/sql-injection.html

    View Slide

  5. XSS

    https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet

    http://hack.us/

    View Slide

  6. DDos

    http://ha.ckers.org/slowloris/

    View Slide

  7. Ferramentas

    http://sqlmap.org/ - GitHub

    http://www.metasploit.com/ - GitHub

    http://arachni-scanner.com/ - GitHub

    http://brakemanscanner.org/ - GitHub

    http://www.openvas.org/

    View Slide

  8. Prática, hora dos testes

    View Slide

  9. View Slide

  10. Daniel Romero
    [email protected]
    @infolslack

    View Slide