* Cantinho Satkeys

Refresh History
  • Gerard: j'espère que tous sont en train d'être bem
    12 de Setembro de 2025, 13:28
  • Gerard: Boas tardes
    12 de Setembro de 2025, 13:26
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana   4tj97u<z
    12 de Setembro de 2025, 11:51
  • JPratas: try65hytr Pessoal  4tj97u<z classic k7y8j0
    12 de Setembro de 2025, 03:29
  • yaro-82: 1994
    07 de Setembro de 2025, 16:49
  • FELISCUNHA: Votos de um santo domingo para todo o auditório  43e5r6
    07 de Setembro de 2025, 10:52
  • j.s.: tenham um excelente fim de semana  49E09B4F
    06 de Setembro de 2025, 17:07
  • j.s.: dgtgtr a todos  4tj97u<z
    06 de Setembro de 2025, 17:07
  • FELISCUNHA: Boa tarde pessoal  49E09B4F bom fim de semana  htg6454y
    05 de Setembro de 2025, 14:53
  • JPratas: try65hytr A Todos  4tj97u<z classic k7y8j0
    05 de Setembro de 2025, 03:10
  • cereal killa: dgtgtr pessoal  4tj97u<z
    03 de Setembro de 2025, 15:26
  • FELISCUNHA: ghyt74  pessoal   49E09B4F
    01 de Setembro de 2025, 11:36
  • j.s.: de regresso a casa  535reqef34
    31 de Agosto de 2025, 20:21
  • j.s.: try65hytr a todos  4tj97u<z
    31 de Agosto de 2025, 20:21
  • FELISCUNHA: ghyt74   49E09B4e bom fim de semana  4tj97u<z
    30 de Agosto de 2025, 11:48
  • henrike: try65hytr     k7y8j0
    29 de Agosto de 2025, 21:52
  • JPratas: try65hytr Pessoal 4tj97u<z 2dgh8i classic k7y8j0
    29 de Agosto de 2025, 03:57
  • cereal killa: dgtgtr pessoal  2dgh8i
    27 de Agosto de 2025, 12:28
  • FELISCUNHA: Votos de um santo domingo para todo o auditório  4tj97u<z
    24 de Agosto de 2025, 11:26
  • janstu10: reed
    24 de Agosto de 2025, 10:52
« anterior seguinte »
Páginas: [1]   Ir para o fundo

Autor Tópico: WordPress for Pentesters  (Lida 112 vezes)

0 Membros e 1 Visitante estão a ver este tópico.

Offline mitsumi

  • Sub-Administrador
  • ****
  • Mensagens: 124987
  • Karma: +0/-0
WordPress for Pentesters
« em: 22 de Julho de 2021, 09:15 »

MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz, 2 Ch
Genre: eLearning | Language: English + srt | Duration: 12 lectures (1h 58m) | Size: 941.5 MB
Learn how to enumerate and exploit WordPress CMS

What you'll learn:
Enumerate WordPress
Enumerate Users , Themes , Plugins in WordPress
Bruteforce Attacks using XMLRPC , Python , BurpSuite and Hydra
Bruteforce Attacks using Metasploit
Exploit Themes , Plugins and Pop a Shell
Shell Upload using Metasploit

Requirements
No Prerequisites needed but web and python fundamentals are optional

Description
This course teaches you how to enumerate WordPress CMS.

Wordpress cms is one of most popular cms to build blogs , shopping websites and more

Wordpress comes with lot of 3rd party plugins and themes

so does vulnerabilities and misconfigurations

We need to know how hackers attack wordpress thus protecting ourself from the attacks

We will see how to enumerate and bruteforce with python , burp , wpscan , metasploit etc

tools like wpscan does awesome job at enumeration and also at bruteforce attacks thus testing our password security

Metasploit have some auxiliary scanners and wordpress exploits to test aganist wordpress

we can script our code in python to bruteforce the login credentials and hence some what faster than burp community edition

Burp professional edition have the option of multi threading thus testing passwords faster

but in this course we will not discuss about professional edition as it is not free

we will also get the reverse shell from the vulnerable wordpress machine

Bonus video includes how we attack a Drupal CMS using droopescan

we can use droopescan to scan wordpress , joomla , drupal , moodle etc

but for wordpress we better use wpscan first

later we see some try hack me writeup which involves pentesting wordpress cms and exploiting it

after this course you can try mrrobot room from tryhackme and test your skills

Who this course is for
Anyone who is interested in Pentesting
Anyone who wants to learn how to pentest Wordpress or any other CMS


Download link:
Só visivel para registados e com resposta ao tópico.

Only visible to registered and with a reply to the topic.

Links are Interchangeable - No Password - Single Extraction
Registado
Páginas: [1]   Ir para o topo
« anterior seguinte »