Penetration test can take a lot of time to learn properly and in depth.
Today we will cover just a small part of this whole field.
We will apply our penetration test on wordpress sites that nowadays are almost 80% Of the internet websites.
So I will be using a very famous tool for today’s penetration test which is wpscan.
wpscan is one of the packages shipped by default with Kali linux.
If you don’t have Kali linux, here’s how to do it on Ubuntu
So we will enable the Kali linux repo by opening our terminal and putting this command:
sudo add-apt-repository ppa:wagungs/Kali-linux
Afterwards we need to refresh our sources by putting this command:
sudo apt-get update
Next we would need a package manager, if you used older versions of Ubuntu I am sure you’ve used synaptic.
sudo apt-get install synaptic
Run synaptic and search for “wpscan” and install it, afterwards let’s open a new terminal window.
Let’s run our first penetration test:
wpscan –url http://yourwordpresssite.com
You’ll see something similar to this:
wpscan is really rich, you get to choose exactly what you would like to do for example here are some features:
Now all the results will appear on your screen, you can find the vulnerability and patch it.
Please remember that penetration test, is for ethical hackers and protection against attacks, don’t use this guide for any other purpose.
This was just the wpscan package from Kali linux, however this distro is really rich of many other tools, if security is your field of interest, give kali linux a try on a VM on your computer.
Comments are closed.