Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Vulnerabilidades em sistemas web

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Daniel Romero Daniel Romero
November 01, 2012
Programming
81
0

Vulnerabilidades em sistemas web

Algumas das vulnerabilidades mais exploradas em aplicações web.

Avatar for Daniel Romero

Daniel Romero

November 01, 2012

More Decks by Daniel Romero

See All by Daniel Romero
Segurança on Rails
Avatar for Daniel Romero infoslack
0
120

Other Decks in Programming

See All in Programming
事業会社でのセキュリティ長期インターンについて
Avatar for inlet-back masachikaura
0
250
実用!Hono RPC2026
Avatar for yodaka yodaka
2
190
mruby on C#: From VM Implementation to Game Scripting (RubyKaigi 2026)
Avatar for hadashiA hadashia
1
310
レガシーPHP転生 〜父がドメインエキスパートだったのでDDD+Claude Codeでチート開発します〜
Avatar for panda_program panda_program
0
900
AI時代のPhpStorm最新事情 #phpcon_odawara
Avatar for yusuke yusuke
0
170
Don't Prompt Harder, Structure Better
Avatar for Yusuke Kita kitasuke
0
750
ハーネスエンジニアリングにどう向き合うか 〜ルールファイルを超えて開発プロセスを設計する〜 / How to approach harness engineering
Avatar for r-kagaya rkaga
22
12k
アクセシビリティ試験の"その後"を仕組み化する
Avatar for yuuumin yuuumiravy
0
140
Laravel Nightwatchの裏側 - Laravel公式Observabilityツールを支える設計と実装
Avatar for Ryuta Hamasaki avosalmon
1
330
CDK Deployのための ”反響定位”
Avatar for watany watany
4
750
Liberating Ruby's Parser from Lexer Hacks
Avatar for ydah ydah
1
380
The Monolith Strikes Back: Why AI Agents ❤️ Rails Monoliths
Avatar for Rodrigo Serradura serradura
0
320

Featured

See All Featured
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
330
40k
brightonSEO & MeasureFest 2025 - Christian Goodrich - Winning strategies for Black Friday CRO & PPC
Avatar for Christian Goodrich cargoodrich
3
680
Public Speaking Without Barfing On Your Shoes - THAT 2023
Avatar for David Neal reverentgeek
1
370
Designing for Timeless Needs
Avatar for Cassini Nazir cassininazir
0
190
Making Projects Easy
Avatar for Brett Harned brettharned
120
6.6k
A Soul's Torment
Avatar for Nat Ma seathinner
6
2.7k
Crafting Experiences
Avatar for Bethany Jepchumba bethany
1
110
Conquering PDFs: document understanding beyond plain text
Avatar for Ines Montani inesmontani
PRO
4
2.6k
The Organizational Zoo: Understanding Human Behavior Agility Through Metaphoric Constructive Conversations (based on the works of Arthur Shelley, Ph.D)
Avatar for Dr. Kim W Petersen kimpetersen
PRO
0
310
Building AI with AI
Avatar for Ines Montani inesmontani
PRO
1
900
Tell your own story through comics
Avatar for letsgokoyo letsgokoyo
1
890
The SEO Collaboration Effect
Avatar for Kristina Bergwall kristinabergwall1
0
420

Transcript

  1. Vulnerabilidades em sistemas web

  2. Primeiros passos • Vulnerabilidades • Técnicas • Ferramentas • OWASP

    • SDL

  3. Vulnerabilidades mais conhecidas • Injection • XSS • DdoS •

    Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main

  4. SQL Injection • https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet • http://www.unixwiz.net/techtips/sql-injection.html

  5. XSS • https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet • http://hack.us/

  6. DDos • http://ha.ckers.org/slowloris/

  7. Ferramentas • http://sqlmap.org/ - GitHub • http://www.metasploit.com/ - GitHub •

    http://arachni-scanner.com/ - GitHub • http://brakemanscanner.org/ - GitHub • http://www.openvas.org/

  8. Prática, hora dos testes

  9. None

  10. Daniel Romero [email protected] @infolslack