Upload File

security plugin - it-docs · 2015-04-03 · microsoft powerpoint -...

  • Home
  • Documents
  • security plugin - IT-DOCS · 2015-04-03 · Microsoft PowerPoint - presentacin1-140403134628-phpapp01 Author: Cristina Created Date: 3/25/2015 9:31:37 AM
12
security plugin 25/03/2015 WORDPRESSA.QUANTIKA14.COM 1

Upload: others

Post on 12-Jul-2020

1 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: security plugin - IT-DOCS · 2015-04-03 · Microsoft PowerPoint - presentacin1-140403134628-phpapp01 Author: Cristina Created Date: 3/25/2015 9:31:37 AM

security plugin

25/03/2015 WORDPRESSA.QUANTIKA14.COM 1

Page 2: security plugin - IT-DOCS · 2015-04-03 · Microsoft PowerPoint - presentacin1-140403134628-phpapp01 Author: Cristina Created Date: 3/25/2015 9:31:37 AM

¿Qué es WordPressA?¿Qué es WordPressA?

d l• Es un proyecto creado por la empresa QuantiKa14.

• Documentación.– Exploiting en WordPress– Empezando con WordPress– WordPress Backdoors

• Auditorías de seguridad y fortificación.• Desarrollo de plugins de seguridad.Desarrollo de plugins de seguridad.

WORDPRESSA.QUANTIKA14.COM/WSP/

25/03/2015 WORDPRESSA.QUANTIKA14.COM 2

Page 3: security plugin - IT-DOCS · 2015-04-03 · Microsoft PowerPoint - presentacin1-140403134628-phpapp01 Author: Cristina Created Date: 3/25/2015 9:31:37 AM

¿Por qué WordPressA se centra en WordPress?

• Es el CMS más utilizado.Es el CMS  más utilizado.– Empresas.P l– Personal.

• Como consecuencia es el punto de mira de pmuchos.

25/03/2015 WORDPRESSA.QUANTIKA14.COM 3

Page 4: security plugin - IT-DOCS · 2015-04-03 · Microsoft PowerPoint - presentacin1-140403134628-phpapp01 Author: Cristina Created Date: 3/25/2015 9:31:37 AM

WordPressA Security PluginWordPressA Security Plugin

• Es un plugin de WordPress.• Orientado a prevenir posibles intrusiones.Orientado a prevenir posibles intrusiones.• Base de datos propia.

– Repositorios conocidos.– Vulnerabilidades propias.p p– Actualización cada hora.

• Sistema de alertas por correo• Sistema de alertas por correo.

25/03/2015 WORDPRESSA.QUANTIKA14.COM 4

Page 5: security plugin - IT-DOCS · 2015-04-03 · Microsoft PowerPoint - presentacin1-140403134628-phpapp01 Author: Cristina Created Date: 3/25/2015 9:31:37 AM

WordPressA Security PluginWordPressA Security PluginVERSIÓN 2.0VERSIÓN 2.0

1. Detección de themes.1. Detección de themes.2. Configuración de reportes.

– Diario.– Semanal.– 15 días15 días.

3. Sistema de «auto‐parcheo».

25/03/2015 WORDPRESSA.QUANTIKA14.COM 5

Page 6: security plugin - IT-DOCS · 2015-04-03 · Microsoft PowerPoint - presentacin1-140403134628-phpapp01 Author: Cristina Created Date: 3/25/2015 9:31:37 AM

25/03/2015 WORDPRESSA.QUANTIKA14.COM 6

Page 7: security plugin - IT-DOCS · 2015-04-03 · Microsoft PowerPoint - presentacin1-140403134628-phpapp01 Author: Cristina Created Date: 3/25/2015 9:31:37 AM

Posibles mejorasPosibles mejoras…

• Detección de malware.• DB backup.DB backup.• Mejoras visuales y usabilidad.

25/03/2015 WORDPRESSA.QUANTIKA14.COM 7

Page 8: security plugin - IT-DOCS · 2015-04-03 · Microsoft PowerPoint - presentacin1-140403134628-phpapp01 Author: Cristina Created Date: 3/25/2015 9:31:37 AM

Enfocado en la prevenciónEnfocado en la prevención…

ENFOQUES• Fortificación:

– WP Security scan– 6Scan Security– Better WP Security (Ithemes

Security)

• Prevención:Prevención:– Ithemes Security– WangGuard– WordPressA Security Plugin

25/03/2015 WORDPRESSA.QUANTIKA14.COM 8

Page 9: security plugin - IT-DOCS · 2015-04-03 · Microsoft PowerPoint - presentacin1-140403134628-phpapp01 Author: Cristina Created Date: 3/25/2015 9:31:37 AM

Una finalidadUna finalidad…

• única, porque ningún plugin conocido realiza un análisis de los plugins instalados y te p g yreporta posibles vulnerabilidades.

25/03/2015 WORDPRESSA.QUANTIKA14.COM 9

Page 10: security plugin - IT-DOCS · 2015-04-03 · Microsoft PowerPoint - presentacin1-140403134628-phpapp01 Author: Cristina Created Date: 3/25/2015 9:31:37 AM

Plugins como vector de ataquePlugins como vector de ataque

• Todos sabemos que los plugins de WordPresssuelen ser el objetivo de los intrusos.j

• Gracias a este plugin el administrador estará informado de estos puntos débiles y actuar eninformado de estos puntos débiles y actuar en consecuencia.

25/03/2015 WORDPRESSA.QUANTIKA14.COM 10

Page 11: security plugin - IT-DOCS · 2015-04-03 · Microsoft PowerPoint - presentacin1-140403134628-phpapp01 Author: Cristina Created Date: 3/25/2015 9:31:37 AM

25/03/2015 WORDPRESSA.QUANTIKA14.COM 11

Page 12: security plugin - IT-DOCS · 2015-04-03 · Microsoft PowerPoint - presentacin1-140403134628-phpapp01 Author: Cristina Created Date: 3/25/2015 9:31:37 AM

CONTACTO:

@TheXC3LL

[email protected]

@JorgeWebsec

[email protected]

[email protected]

@ tik 14@quantika14

/quantika14

25/03/2015 WORDPRESSA.QUANTIKA14.COM 12

/q


CAD - dl.sariasan.comdl.sariasan.com/New Softwares/Dialux 1 SariAsan.pdf · PowerEn.ir dialux 2 plugin. 1.X. plugin, plugin luminaire selection Plugin plugin. home page, Intenet Explorer

DIALux4[1].0- · PDF filedialux 2 plugin. 1.X. plugin , plugin. luminaire selection Plugin plugin . home page, Intenet Explorer

QGIS Plugin Development - Pacific Communitygisconference.gsd.spc.int/.../Day_3/Session_3/03_QGIS-Plugin-Development.pdf · QGIS Plugin Development An overview. Background • Plugins

WizIQ Virtual Classroom plugin for · PDF fileWizIQ Virtual Classroom plugin for ... Installing the plugin8 ... Moodle version 2.3 & 2.4 WizIQ Virtual Classroom plugin Plugin 2.0

Plugin Ism

MariaDB Sicherheit: Audit Plugin, Authentification Plugin, Rollen

Accelerating UI development · Storyboard Engine: task Model (sbengine_task) *.gapp Assets.lua,.png,.ttf Timer plugin (*.a) Animation plugin (*.a) Lua plugin (*.a) Render plugin (*.a)

WordPress plugin development plugin development (with pictures) Simon Wheatley WordPress plugin development (with pictures) Simon Wheatley plugins photo by djking anatomy of a plugin

Lesosai et le BEM (Building Energy Modelling) · USai Revit Plugin - Archicad (mit gratis Plugin Cadimage, Tutorial) - Sketchup (mit Plugin) - Vectorworks Architektur 2013 (ohne Plugin)

Plugin Alliance Activation Manual · Plugin Alliance Activation Manual ... 0#,$)>

DataManager Plugin - d36j349d8rqm96.cloudfront.net Plugin - M… · DataManager Plugin 6Version History 6 Version History 6.1Plugin Version Plugin-Version Date [dd.mm.yyyy] Notes

Presentacin1 150315162738 Conversion Gate01

The Query Rewrite Plugin Interface: Writing Your Own Plugin

Presentacin1 090506113146 Phpapp01

Plugin Testing

CKEditor Plugin Documentation (AutoRecovered) Plugin Documentation.pdfCKEditor 4 Plugin Documentation Contents ... This plugin allows you to install CKEditor - the Smart WYSIWYG HTML

DRUPAL 8 INFO HOOK TO PLUGIN · For a given plugin ID one single class will be used for any plugin instances using that plugin ID. A plugin instance is specified by the combination

PCM Plugin - d36j349d8rqm96.cloudfront.net PCM Plugin Manual.pdf · PCM Plugin Manual – Version 1.0 – April 2014 Page 3 of 24 What is the PCM Plugin? The PCM Plugin is the plugin

3d-plugin Licensingdoc.3d-plugin.com/3d-plugin_Installation_and_Licensing_Manual.pdf3d-plugin Licensing . 3d-plugin installation and licensing manual . A – Installation Instructions

Plugin Heuristics

QlikView Plugin User Manual - QlikView - AccessPoint Plugin User... · QlikView Plugin User Manual ... This document is a brief manual for QlikView Internet Explorer plugin, ... instead

Vivian Cristina Dias¹*, Helen Cristina Dias¹, Rebeca Durço

Presentacin1 121120192622-phpapp02

CAD - dl.poweren.irdl.poweren.ir/downloads/PowerEn/Book/2017/آموزش دیالوکس(PowerEn.ir).pdf · PowerEn.ir dialux 2 plugin. 1.X. plugin, plugin luminaire selection Plugin

WordPress Colorbox Plugin Noor's Plugin

Facebook Regisrtration Plugin (Plugin)

Hydrosphere (Cristina c, cristina b, ana maría m.)

MIDI Controlling FX chains Plugin programs & Plugin parameters

Plugin Chapter1CRMbook2e

dialux 2 - خانهabginehco.ir/wp-content/uploads/2015/11/Software-Training-DIALUX.pdf · dialux 2 plugin. 1.X. plugin, plugin. luminaire selection Plugin plugin. home page, Intenet

ReviewRocket Plugin

Conductor Plugin

Plugin Safety Check - How to Ensure Your Plugin Gets Approved

Blender Plugin Installation Guide - Amazon S3 · Blender Plugin Installation Guide Step 1: Download The Plugin a- Download Blender Plugin from ... film, and video game design

Plugin ch05