Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Vulnerabilidades em sistemas web
Search
Daniel Romero
November 01, 2012
Programming
0
79
Vulnerabilidades em sistemas web
Algumas das vulnerabilidades mais exploradas em aplicações web.
Daniel Romero
November 01, 2012
Tweet
Share
More Decks by Daniel Romero
See All by Daniel Romero
Segurança on Rails
infoslack
0
110
Other Decks in Programming
See All in Programming
HTTPプロトコル正しく理解していますか? 〜かわいい猫と共に学ぼう。ฅ^•ω•^ฅ ニャ〜
hekuchan
2
660
2年のAppleウォレットパス開発の振り返り
muno92
PRO
0
190
CSC307 Lecture 06
javiergs
PRO
0
650
The Art of Re-Architecture - Droidcon India 2025
siddroid
0
170
GISエンジニアから見たLINKSデータ
nokonoko1203
0
190
AI 駆動開発ライフサイクル(AI-DLC):ソフトウェアエンジニアリングの再構築 / AI-DLC Introduction
kanamasa
11
5.8k
ELYZA_Findy AI Engineering Summit登壇資料_AIコーディング時代に「ちゃんと」やること_toB LLMプロダクト開発舞台裏_20251216
elyza
2
1.2k
Honoを使ったリモートMCPサーバでAIツールとの連携を加速させる!
tosuri13
1
160
TerraformとStrands AgentsでAmazon Bedrock AgentCoreのSSO認証付きエージェントを量産しよう!
neruneruo
4
2.6k
dchart: charts from deck markup
ajstarks
3
970
Pythonではじめるオープンデータ分析〜書籍の紹介と書籍で紹介しきれなかった事例の紹介〜
welliving
3
840
今こそ知るべき耐量子計算機暗号(PQC)入門 / PQC: What You Need to Know Now
mackey0225
3
350
Featured
See All Featured
Measuring & Analyzing Core Web Vitals
bluesmoon
9
740
Leo the Paperboy
mayatellez
4
1.3k
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
300
Accessibility Awareness
sabderemane
0
42
How to audit for AI Accessibility on your Front & Back End
davetheseo
0
150
Music & Morning Musume
bryan
47
7k
YesSQL, Process and Tooling at Scale
rocio
174
15k
Gemini Prompt Engineering: Practical Techniques for Tangible AI Outcomes
mfonobong
2
260
Building AI with AI
inesmontani
PRO
1
650
Product Roadmaps are Hard
iamctodd
PRO
55
12k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
1.9k
Getting science done with accelerated Python computing platforms
jacobtomlinson
1
100
Transcript
Vulnerabilidades em sistemas web
Primeiros passos • Vulnerabilidades • Técnicas • Ferramentas • OWASP
• SDL
Vulnerabilidades mais conhecidas • Injection • XSS • DdoS •
Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main
SQL Injection • https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet • http://www.unixwiz.net/techtips/sql-injection.html
XSS • https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet • http://hack.us/
DDos • http://ha.ckers.org/slowloris/
Ferramentas • http://sqlmap.org/ - GitHub • http://www.metasploit.com/ - GitHub •
http://arachni-scanner.com/ - GitHub • http://brakemanscanner.org/ - GitHub • http://www.openvas.org/
Prática, hora dos testes
None
Daniel Romero
[email protected]
@infolslack
infoslack
hekuchan
muno92
javiergs
siddroid
nokonoko1203
kanamasa
elyza
tosuri13
neruneruo
ajstarks
welliving
mackey0225
bluesmoon
mayatellez
chikuwait
sabderemane
davetheseo
bryan
rocio
mfonobong
inesmontani
iamctodd
garrettdimon
jacobtomlinson
![Daniel Romero [email protected] @infolslack](https://files.speakerdeck.com/presentations/5092ba059397c60002004c18/slide_9.jpg){kind=link}