EPISODE · Jun 29, 2017 · 11 MIN
7MS #264: Hacking Wordpress
from 7 Minute Security · host Brian Johnson
I was pleasantly surprised to see a Wordpress site fall into a pentest scope this past week. One helpful tool to get familiar with when attacking Wordpress sites is wpscan, which is built right into Kali - or you can grab it from GitHub. Get familiar with the command line flags as they can help you conduct a more gentle scan that recovers from site errors/disconnections more easily. Specifically, read up on these options: --throttle - for example, I've been using --throttle 1000 in order to be a bit less intense on my target site --request-timeout and --connect-timeout help your scan recover smoothly from site errors/timeouts Also, if you find yourself in a situation where you're testing a production Wordpress sight (not recommended), consider setting up a free up/downtime alert via a free service like Uptime Robot so you can get emails if the site ever poops out. That certainly beats hitting F5 in Firefox every 10 seconds :-)
NOW PLAYING
7MS #264: Hacking Wordpress
No transcript for this episode yet
Similar Episodes
Jul 14, 2026 ·77m
Jun 20, 2026 ·31m
Jun 20, 2026 ·24m
Jun 20, 2026 ·42m
Jun 20, 2026 ·26m
Jun 20, 2026 ·22m