Suche senden
Hochladen
現場で使える脆弱性検査サービス VAddy
•
0 gefällt mir
•
534 views
ichikaway
Folgen
VAddyミートアップ大阪 2017/11/22
Weniger lesen
Mehr lesen
Technologie
Melden
Teilen
Melden
Teilen
1 von 33
Jetzt herunterladen
Downloaden Sie, um offline zu lesen
Empfohlen
VAddyの課金システムを Stripeに乗り換えた話
VAddyの課金システムを Stripeに乗り換えた話
ichikaway
VAaddyとは VAddyミートアップvol3_20160629
VAaddyとは VAddyミートアップvol3_20160629
ichikaway
forteeに脆弱性検査をかけてみた VAddy編
forteeに脆弱性検査をかけてみた VAddy編
ichikaway
Yapc8oji: セキュリティテストサービスを開発運営してきた2年
Yapc8oji: セキュリティテストサービスを開発運営してきた2年
ichikaway
JAMStack
JAMStack
Ivan Brygar
What should I do when my website got hack?
What should I do when my website got hack?
Sumedt Jitpukdebodin
20200513 - CloudComputing UCU
20200513 - CloudComputing UCU
Marcia Villalba
Mobile Web Performance using WebPageTest and HTTPArchive
Mobile Web Performance using WebPageTest and HTTPArchive
Doug Sillars
Empfohlen
VAddyの課金システムを Stripeに乗り換えた話
VAddyの課金システムを Stripeに乗り換えた話
ichikaway
VAaddyとは VAddyミートアップvol3_20160629
VAaddyとは VAddyミートアップvol3_20160629
ichikaway
forteeに脆弱性検査をかけてみた VAddy編
forteeに脆弱性検査をかけてみた VAddy編
ichikaway
Yapc8oji: セキュリティテストサービスを開発運営してきた2年
Yapc8oji: セキュリティテストサービスを開発運営してきた2年
ichikaway
JAMStack
JAMStack
Ivan Brygar
What should I do when my website got hack?
What should I do when my website got hack?
Sumedt Jitpukdebodin
20200513 - CloudComputing UCU
20200513 - CloudComputing UCU
Marcia Villalba
Mobile Web Performance using WebPageTest and HTTPArchive
Mobile Web Performance using WebPageTest and HTTPArchive
Doug Sillars
Azure and web sites hackaton deck
Azure and web sites hackaton deck
Alexey Bokov
The Fantastic Voyage to PaaS - Are we there yet? (Cloud Foundry Summit 2014)
The Fantastic Voyage to PaaS - Are we there yet? (Cloud Foundry Summit 2014)
VMware Tanzu
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
Hiroshi SHIBATA
Design and Configure Azure App Service Web Apps
Design and Configure Azure App Service Web Apps
Roy Kim
Learning How to Shape and Configure an OData Feed for High Performing Web Sit...
Learning How to Shape and Configure an OData Feed for High Performing Web Sit...
Woodruff Solutions LLC
AirTight Corporate Presentation _ July2013
AirTight Corporate Presentation _ July2013
AirTight Networks, Inc.
Build (Web)VR with A-Frame (COSCUP 2019 Taipei)
Build (Web)VR with A-Frame (COSCUP 2019 Taipei)
Robert 'Bob' Reyes
Alexa - Top Sites_ Computer....pdf
Alexa - Top Sites_ Computer....pdf
Frontware International
Peter lubbers-html5-offline-web-apps
Peter lubbers-html5-offline-web-apps
Skills Matter
HTML5 is the Future of Mobile, PhoneGap Takes You There Today
HTML5 is the Future of Mobile, PhoneGap Takes You There Today
davyjones
Access any data anywhere
Access any data anywhere
Lohith Goudagere Nagaraj
Virtual Flink Forward 2020: Lessons learned on Apache Flink application avail...
Virtual Flink Forward 2020: Lessons learned on Apache Flink application avail...
Flink Forward
Webinar: "Entitlements: Taking Control of the Big Data Gold Rush"
Webinar: "Entitlements: Taking Control of the Big Data Gold Rush"
ForgeRock
Ready, Set, SD-WAN: Best Practices for Assuring Branch Readiness
Ready, Set, SD-WAN: Best Practices for Assuring Branch Readiness
ThousandEyes
From Monolith to Microservices
From Monolith to Microservices
Amazon Web Services
全てのエンジニアのためのWeb標準技術とのつきあい方 OSC福岡 2011版
全てのエンジニアのためのWeb標準技術とのつきあい方 OSC福岡 2011版
Rikkyo University
Protect your APIs from Cyber Threats
Protect your APIs from Cyber Threats
Apigee | Google Cloud
20201111 AWS Black Belt Online Seminar AWS CodeStar & AWS CodePipeline
20201111 AWS Black Belt Online Seminar AWS CodeStar & AWS CodePipeline
Amazon Web Services Japan
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...
Amazon Web Services
Best Practices to Mitigate from the Emerging Vectors of Network Attack
Best Practices to Mitigate from the Emerging Vectors of Network Attack
Amazon Web Services
Understanding Computer Architecture with NES Emulator
Understanding Computer Architecture with NES Emulator
ichikaway
Hello, Worldまで3ヶ月 Golangでファミコンエミュレータ実装 #gocon fukuoka 2019
Hello, Worldまで3ヶ月 Golangでファミコンエミュレータ実装 #gocon fukuoka 2019
ichikaway
Weitere ähnliche Inhalte
Ähnlich wie 現場で使える脆弱性検査サービス VAddy
Azure and web sites hackaton deck
Azure and web sites hackaton deck
Alexey Bokov
The Fantastic Voyage to PaaS - Are we there yet? (Cloud Foundry Summit 2014)
The Fantastic Voyage to PaaS - Are we there yet? (Cloud Foundry Summit 2014)
VMware Tanzu
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
Hiroshi SHIBATA
Design and Configure Azure App Service Web Apps
Design and Configure Azure App Service Web Apps
Roy Kim
Learning How to Shape and Configure an OData Feed for High Performing Web Sit...
Learning How to Shape and Configure an OData Feed for High Performing Web Sit...
Woodruff Solutions LLC
AirTight Corporate Presentation _ July2013
AirTight Corporate Presentation _ July2013
AirTight Networks, Inc.
Build (Web)VR with A-Frame (COSCUP 2019 Taipei)
Build (Web)VR with A-Frame (COSCUP 2019 Taipei)
Robert 'Bob' Reyes
Alexa - Top Sites_ Computer....pdf
Alexa - Top Sites_ Computer....pdf
Frontware International
Peter lubbers-html5-offline-web-apps
Peter lubbers-html5-offline-web-apps
Skills Matter
HTML5 is the Future of Mobile, PhoneGap Takes You There Today
HTML5 is the Future of Mobile, PhoneGap Takes You There Today
davyjones
Access any data anywhere
Access any data anywhere
Lohith Goudagere Nagaraj
Virtual Flink Forward 2020: Lessons learned on Apache Flink application avail...
Virtual Flink Forward 2020: Lessons learned on Apache Flink application avail...
Flink Forward
Webinar: "Entitlements: Taking Control of the Big Data Gold Rush"
Webinar: "Entitlements: Taking Control of the Big Data Gold Rush"
ForgeRock
Ready, Set, SD-WAN: Best Practices for Assuring Branch Readiness
Ready, Set, SD-WAN: Best Practices for Assuring Branch Readiness
ThousandEyes
From Monolith to Microservices
From Monolith to Microservices
Amazon Web Services
全てのエンジニアのためのWeb標準技術とのつきあい方 OSC福岡 2011版
全てのエンジニアのためのWeb標準技術とのつきあい方 OSC福岡 2011版
Rikkyo University
Protect your APIs from Cyber Threats
Protect your APIs from Cyber Threats
Apigee | Google Cloud
20201111 AWS Black Belt Online Seminar AWS CodeStar & AWS CodePipeline
20201111 AWS Black Belt Online Seminar AWS CodeStar & AWS CodePipeline
Amazon Web Services Japan
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...
Amazon Web Services
Best Practices to Mitigate from the Emerging Vectors of Network Attack
Best Practices to Mitigate from the Emerging Vectors of Network Attack
Amazon Web Services
Ähnlich wie 現場で使える脆弱性検査サービス VAddy
(20)
Azure and web sites hackaton deck
Azure and web sites hackaton deck
The Fantastic Voyage to PaaS - Are we there yet? (Cloud Foundry Summit 2014)
The Fantastic Voyage to PaaS - Are we there yet? (Cloud Foundry Summit 2014)
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
Design and Configure Azure App Service Web Apps
Design and Configure Azure App Service Web Apps
Learning How to Shape and Configure an OData Feed for High Performing Web Sit...
Learning How to Shape and Configure an OData Feed for High Performing Web Sit...
AirTight Corporate Presentation _ July2013
AirTight Corporate Presentation _ July2013
Build (Web)VR with A-Frame (COSCUP 2019 Taipei)
Build (Web)VR with A-Frame (COSCUP 2019 Taipei)
Alexa - Top Sites_ Computer....pdf
Alexa - Top Sites_ Computer....pdf
Peter lubbers-html5-offline-web-apps
Peter lubbers-html5-offline-web-apps
HTML5 is the Future of Mobile, PhoneGap Takes You There Today
HTML5 is the Future of Mobile, PhoneGap Takes You There Today
Access any data anywhere
Access any data anywhere
Virtual Flink Forward 2020: Lessons learned on Apache Flink application avail...
Virtual Flink Forward 2020: Lessons learned on Apache Flink application avail...
Webinar: "Entitlements: Taking Control of the Big Data Gold Rush"
Webinar: "Entitlements: Taking Control of the Big Data Gold Rush"
Ready, Set, SD-WAN: Best Practices for Assuring Branch Readiness
Ready, Set, SD-WAN: Best Practices for Assuring Branch Readiness
From Monolith to Microservices
From Monolith to Microservices
全てのエンジニアのためのWeb標準技術とのつきあい方 OSC福岡 2011版
全てのエンジニアのためのWeb標準技術とのつきあい方 OSC福岡 2011版
Protect your APIs from Cyber Threats
Protect your APIs from Cyber Threats
20201111 AWS Black Belt Online Seminar AWS CodeStar & AWS CodePipeline
20201111 AWS Black Belt Online Seminar AWS CodeStar & AWS CodePipeline
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...
Best Practices to Mitigate from the Emerging Vectors of Network Attack
Best Practices to Mitigate from the Emerging Vectors of Network Attack
Mehr von ichikaway
Understanding Computer Architecture with NES Emulator
Understanding Computer Architecture with NES Emulator
ichikaway
Hello, Worldまで3ヶ月 Golangでファミコンエミュレータ実装 #gocon fukuoka 2019
Hello, Worldまで3ヶ月 Golangでファミコンエミュレータ実装 #gocon fukuoka 2019
ichikaway
ゼロから始めるファミコンエミュレータ生活 PHPerKaigi2019
ゼロから始めるファミコンエミュレータ生活 PHPerKaigi2019
ichikaway
OS入門 Fukuoka.php vol.18 LT資料
OS入門 Fukuoka.php vol.18 LT資料
ichikaway
脆弱性もバグ、だからテストしよう PHPカンファンレス2015
脆弱性もバグ、だからテストしよう PHPカンファンレス2015
ichikaway
脆弱性もバグ、だからテストしよう DevSummiFukuoka
脆弱性もバグ、だからテストしよう DevSummiFukuoka
ichikaway
Vulnerabilities are bugs, Let's test for them!
Vulnerabilities are bugs, Let's test for them!
ichikaway
脆弱性もバグ、だからテストしよう!
脆弱性もバグ、だからテストしよう!
ichikaway
継続的Webセキュリティテスト PHPカンファレンス関西2015 LT
継続的Webセキュリティテスト PHPカンファレンス関西2015 LT
ichikaway
継続的Webセキュリティテスト testing casual talks2
継続的Webセキュリティテスト testing casual talks2
ichikaway
Ctf2015 ichikawa Eizoku PM2.5 dial
Ctf2015 ichikawa Eizoku PM2.5 dial
ichikaway
VAddy - CI勉強会 fukuoka
VAddy - CI勉強会 fukuoka
ichikaway
Jenkinsを使った継続的セキュリティテスト
Jenkinsを使った継続的セキュリティテスト
ichikaway
継続的セキュリティテストVaddy説明資料
継続的セキュリティテストVaddy説明資料
ichikaway
VAddy at LL Diver LT
VAddy at LL Diver LT
ichikaway
phpcon kansai 20140628
phpcon kansai 20140628
ichikaway
福岡xTwilio twilio meetup
福岡xTwilio twilio meetup
ichikaway
Nginxを使ったオレオレCDNの構築
Nginxを使ったオレオレCDNの構築
ichikaway
phpcon2013 PHP x twilio
phpcon2013 PHP x twilio
ichikaway
fukuokaphp7 PHP x twilio
fukuokaphp7 PHP x twilio
ichikaway
Mehr von ichikaway
(20)
Understanding Computer Architecture with NES Emulator
Understanding Computer Architecture with NES Emulator
Hello, Worldまで3ヶ月 Golangでファミコンエミュレータ実装 #gocon fukuoka 2019
Hello, Worldまで3ヶ月 Golangでファミコンエミュレータ実装 #gocon fukuoka 2019
ゼロから始めるファミコンエミュレータ生活 PHPerKaigi2019
ゼロから始めるファミコンエミュレータ生活 PHPerKaigi2019
OS入門 Fukuoka.php vol.18 LT資料
OS入門 Fukuoka.php vol.18 LT資料
脆弱性もバグ、だからテストしよう PHPカンファンレス2015
脆弱性もバグ、だからテストしよう PHPカンファンレス2015
脆弱性もバグ、だからテストしよう DevSummiFukuoka
脆弱性もバグ、だからテストしよう DevSummiFukuoka
Vulnerabilities are bugs, Let's test for them!
Vulnerabilities are bugs, Let's test for them!
脆弱性もバグ、だからテストしよう!
脆弱性もバグ、だからテストしよう!
継続的Webセキュリティテスト PHPカンファレンス関西2015 LT
継続的Webセキュリティテスト PHPカンファレンス関西2015 LT
継続的Webセキュリティテスト testing casual talks2
継続的Webセキュリティテスト testing casual talks2
Ctf2015 ichikawa Eizoku PM2.5 dial
Ctf2015 ichikawa Eizoku PM2.5 dial
VAddy - CI勉強会 fukuoka
VAddy - CI勉強会 fukuoka
Jenkinsを使った継続的セキュリティテスト
Jenkinsを使った継続的セキュリティテスト
継続的セキュリティテストVaddy説明資料
継続的セキュリティテストVaddy説明資料
VAddy at LL Diver LT
VAddy at LL Diver LT
phpcon kansai 20140628
phpcon kansai 20140628
福岡xTwilio twilio meetup
福岡xTwilio twilio meetup
Nginxを使ったオレオレCDNの構築
Nginxを使ったオレオレCDNの構築
phpcon2013 PHP x twilio
phpcon2013 PHP x twilio
fukuokaphp7 PHP x twilio
fukuokaphp7 PHP x twilio
Kürzlich hochgeladen
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
Rizwan Syed
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
comworks
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
The Digital Insurer
Training state-of-the-art general text embedding
Training state-of-the-art general text embedding
Zilliz
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
RankYa
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
Stephanie Beckett
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Ridwan Fadjar
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Florian Wilhelm
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
null - The Open Security Community
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Patryk Bandurski
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Mark Billinghurst
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
2toLead Limited
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
Fwdays
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
UiPathCommunity
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
hariprasad279825
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Mark Simos
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Commit University
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
ScyllaDB
Kürzlich hochgeladen
(20)
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
Training state-of-the-art general text embedding
Training state-of-the-art general text embedding
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
現場で使える脆弱性検査サービス VAddy
1.
Copyright (c) Bitforest
Co., Ltd. VAddy 1 #vaddy
2.
Copyright (c) Bitforest
Co., Ltd.2 • VAddy • • VAddy • PrivateNet VAddy
3.
Copyright (c) Bitforest
Co., Ltd.3 • VAddy • Web • •
4.
Copyright (c) Bitforest
Co., Ltd.4 • 2002 • ( ), • Web ( ) • Scutum(WAF) 2009 • VAddy 2014
5.
Copyright (c) Bitforest
Co., Ltd.5
6.
Copyright (c) Bitforest
Co., Ltd. • • • • 6
7.
Copyright (c) Bitforest
Co., Ltd.7
8.
Copyright (c) Bitforest
Co., Ltd. 8 Web Vulnerability Assessment is your Buddy
9.
Copyright (c) Bitforest
Co., Ltd.9
10.
Copyright (c) Bitforest
Co., Ltd. • as a Service • SQLi, XSS, etc • Web • WebAPI CI 10
11.
Copyright (c) Bitforest
Co., Ltd. • http://example.com/show?id=1&name=foo • id=1’&name=foo • id=abs(“1”)&name=foo • id=1&name=foo’ • id=1&name=abs(“1”) 11 POST PUT DELETE JSON
12.
Copyright (c) Bitforest
Co., Ltd.12
13.
Copyright (c) Bitforest
Co., Ltd. VAddy 13
14.
Copyright (c) Bitforest
Co., Ltd. VAddy 14
15.
Copyright (c) Bitforest
Co., Ltd.15
16.
Copyright (c) Bitforest
Co., Ltd.16
17.
Copyright (c) Bitforest
Co., Ltd.17 SQL XSS
18.
Copyright (c) Bitforest
Co., Ltd. • STEP1 • STEP2 • STEP3 / WebAPI) 18
19.
Copyright (c) Bitforest
Co., Ltd.19
20.
Copyright (c) Bitforest
Co., Ltd. 20 (URL Proxy VAddy Proxy Web
21.
Copyright (c) Bitforest
Co., Ltd. • • • 21
22.
Copyright (c) Bitforest
Co., Ltd.22 DEMO
23.
Copyright (c) Bitforest
Co., Ltd.23 PrivateNet VAddy
24.
Copyright (c) Bitforest
Co., Ltd.24 OK NG
25.
Copyright (c) Bitforest
Co., Ltd. • • • • VM Vagrant Docker • CI as a Service 25
26.
Copyright (c) Bitforest
Co., Ltd.26 ssh pfd.vaddy.net:22 (outbound) Web Port 443
27.
Copyright (c) Bitforest
Co., Ltd.27 SSH Local: 443 Remote: 3210 Scan Web Port 443 Scan
28.
Copyright (c) Bitforest
Co., Ltd.28 SSH Local: 192.168.1.18: 8888 Remote: 3210 Scan Scan
29.
Copyright (c) Bitforest
Co., Ltd. • PrivateNet • WebAPI • • • / WebAPI) 29
30.
Copyright (c) Bitforest
Co., Ltd.30 DEMO
31.
Copyright (c) Bitforest
Co., Ltd. • • Starter $60, Pro $190 19,800 ) • • • 2 31
32.
Copyright (c) Bitforest
Co., Ltd. • info@vaddy.net • • 32
33.
Copyright (c) Bitforest
Co., Ltd.33 @vaddynet
Jetzt herunterladen