$30 off During Our Annual Pro Sale. View Details »

Vulnerabilidades em sistemas web

Avatar for Daniel Romero Daniel Romero
November 01, 2012
Programming
0
79

Vulnerabilidades em sistemas web

Algumas das vulnerabilidades mais exploradas em aplicações web.

Avatar for Daniel Romero

Daniel Romero

November 01, 2012
Tweet

More Decks by Daniel Romero

See All by Daniel Romero
Segurança on Rails
Avatar for Daniel Romero infoslack
0
110

Other Decks in Programming

See All in Programming
Combinatorial Interview Problems with Backtracking Solutions - From Imperative Procedural Programming to Declarative Functional Programming - Part 2
Avatar for Philip Schwarz philipschwarz
PRO
0
120
Canon EOS R50 V と R5 Mark II 購入でみえてきた最近のデジイチ VR180 事情、そして VR180 静止画に活路を見出すまで
Avatar for kazuhiro hara karad
0
140
実は歴史的なアップデートだと思う AWS Interconnect - multicloud
Avatar for maroon1st maroon1st
0
270
AI時代を生き抜く 新卒エンジニアの生きる道
Avatar for coconala_engineer coconala_engineer
1
440
実はマルチモーダルだった。ブラウザの組み込みAI🧠でWebの未来を感じてみよう #jsfes #gemini
Avatar for n0bisuke n0bisuke2
3
1.3k
Developing static sites with Ruby
Avatar for Masafumi Okura okuramasafumi
0
330
GoLab2025 Recap
Avatar for kuro kuro_kurorrr
0
780
Java 25, Nuevas características
Avatar for Carlos Zela Bueno czelabueno
0
120
Patterns of Patterns
Avatar for Denys Poltorak denyspoltorak
0
360
ELYZA_Findy AI Engineering Summit登壇資料_AIコーディング時代に「ちゃんと」やること_toB LLMプロダクト開発舞台裏_20251216
Avatar for 株式会社ELYZA elyza
2
650
Tinkerbellから学ぶ、Podで DHCPをリッスンする手法
Avatar for Tomofumi Kondo tomokon
0
140
Cell-Based Architecture
Avatar for Luram Archanjo larchanjo
0
140

Featured

See All Featured
Neural Spatial Audio Processing for Sound Field Analysis and Control
Avatar for NII S. Koyama's Lab skoyamalab
0
130
Dominate Local Search Results - an insider guide to GBP, reviews, and Local SEO
Avatar for Greg Gifford greggifford
PRO
0
17
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
Avatar for soudai sone soudai
PRO
196
70k
Optimizing for Happiness
Avatar for Tom Preston-Werner mojombo
379
70k
Technical Leadership for Architectural Decision Making
Avatar for Kenny Baas-Schwegler baasie
0
190
Lightning Talk: Beautiful Slides for Beginners
Avatar for Ines Montani inesmontani
PRO
1
410
What does AI have to do with Human Rights?
Avatar for Per Axbom axbom
PRO
0
1.9k
How Fast Is Fast Enough? [PerfNow 2025]
Avatar for Tammy Everts tammyeverts
3
410
Exploring anti-patterns in Rails
Avatar for Elle Meredith aemeredith
2
210
How GitHub (no longer) Works
Avatar for Zach Holman holman
316
140k
Digital Projects Gone Horribly Wrong (And the UX Pros Who Still Save the Day) - Dean Schuster
Avatar for UX Y'all uxyall
0
110
Introduction to Domain-Driven Design and Collaborative software design
Avatar for Kenny Baas-Schwegler baasie
1
520

Transcript

  1. Vulnerabilidades em sistemas web

  2. Primeiros passos • Vulnerabilidades • Técnicas • Ferramentas • OWASP

    • SDL

  3. Vulnerabilidades mais conhecidas • Injection • XSS • DdoS •

    Top 10 - https://www.owasp.org/index.php/Top_10_2010-Main

  4. SQL Injection • https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet • http://www.unixwiz.net/techtips/sql-injection.html

  5. XSS • https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet • http://hack.us/

  6. DDos • http://ha.ckers.org/slowloris/

  7. Ferramentas • http://sqlmap.org/ - GitHub • http://www.metasploit.com/ - GitHub •

    http://arachni-scanner.com/ - GitHub • http://brakemanscanner.org/ - GitHub • http://www.openvas.org/

  8. Prática, hora dos testes

  9. None

  10. Daniel Romero [email protected] @infolslack