Tag Archives: WordPress

WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1700 plugins, each to recognise something different. WhatWeb also identifies version numbers, email …

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to …

SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repo …

This is a part 2 of the guide WPSCAN and quick wordpress security. It guides reader on how to fix Directory listing in WordPress. Read part 1 here WPSCAN and quick wordpress security – Part 1 Run WPSCAN WPSCAN shows I have Directory listing enabled. root@kali:~# wpscan --url www.blackmoreops.com _______________________________________________________________ …

This is a quick and simple guide utilizing wpscan to scan wordpress and fix some security issues. Very simple and easy to follow. Readers: Please read WPSCAN and quick wordpress security – Fixing Direcroty Listing – Part 2 of this series that outlines on how to fix Directory Listing. A …