Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Vulnerabilidades em sistemas web

Avatar for Daniel Romero Daniel Romero
November 01, 2012
Programming
0
74

Vulnerabilidades em sistemas web

Algumas das vulnerabilidades mais exploradas em aplicações web.
Avatar for Daniel Romero

Daniel Romero

November 01, 2012
Tweet

More Decks by Daniel Romero

See All by Daniel Romero
Segurança on Rails
Avatar for Daniel Romero infoslack
0
96

Other Decks in Programming

See All in Programming
Gleamという選択肢
Avatar for Comamoca comamoca
6
680
Cline指示通りに動かない? AI小説エージェントで学ぶ指示書の書き方と自動アップデートの仕組み
Avatar for 葦沢かもめ kamomeashizawa
1
370
ktr0731/go-mcpでMCPサーバー作ってみた
Avatar for kashiwa takak2166
0
160
ワイがおすすめする新潟の食 / 20250530phpconf-niigata-eve
Avatar for kasacchiful kasacchiful
0
300
從零到一:搭建你的第一個 Observability 平台
Avatar for Blueswen blueswen
1
840
Prism.parseで 300本以上あるエンドポイントに 接続できる権限の一覧表を作ってみた
Avatar for hatsu hatsu38
1
110
Perlで痩せる
Avatar for Yuuki Shimizu yuukis
1
680
Perplexity Slack Botを作ってAI活用を進めた話 / AI Engineering Summit プレイベント
Avatar for yukyan n3xem
0
630
Go1.25からのGOMAXPROCS
Avatar for kuro kuro_kurorrr
0
110
ASP.NETアプリケーションのモダナイズ インフラ編
Avatar for tomokusaba tomokusaba
1
190
ReadMoreTextView
Avatar for Sungyong An fornewid
1
300
Haskell でアルゴリズムを抽象化する / 関数型言語で競技プログラミング
Avatar for Naoya Ito naoya
16
3.9k

Featured

See All Featured
Bash Introduction
Avatar for André Augusto Costa Santos 62gerente
614
210k
How to Ace a Technical Interview
Avatar for Jacob Kaplan-Moss jacobian
276
23k
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
328
39k
Scaling GitHub
Avatar for Zach Holman holman
459
140k
Designing Dashboards & Data Visualisations in Web Apps
Avatar for Des Traynor destraynor
231
53k
How GitHub (no longer) Works
Avatar for Zach Holman holman
314
140k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
46
14k
Optimising Largest Contentful Paint
Avatar for Harry Roberts csswizardry
37
3.3k
Music & Morning Musume
Avatar for Bryan Veloso bryan
46
6.6k
Building an army of robots
Avatar for Kyle Neath kneath
306
45k
The Psychology of Web Performance [Beyond Tellerrand 2023]
Avatar for Tammy Everts tammyeverts
47
2.8k
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
31
8.6k

Transcript

  1. Vulnerabilidades em sistemas web

  2. Primeiros passos • Vulnerabilidades • Técnicas • Ferramentas • OWASP

    • SDL

  3. Vulnerabilidades mais conhecidas • Injection • XSS • DdoS •

    Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main

  4. SQL Injection • https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet • http://www.unixwiz.net/techtips/sql-injection.html

  5. XSS • https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet • http://hack.us/

  6. DDos • http://ha.ckers.org/slowloris/

  7. Ferramentas • http://sqlmap.org/ - GitHub • http://www.metasploit.com/ - GitHub •

    http://arachni-scanner.com/ - GitHub • http://brakemanscanner.org/ - GitHub • http://www.openvas.org/

  8. Prática, hora dos testes

  9. None

  10. Daniel Romero [email protected] @infolslack