Wordpress 道德黑客和 Wordpress 安全课程

Wordpress Ethical Hacking and Wordpress Security Course

上一讲： 1. Introduction

下一讲： 2. Installing Wordpress

视频列表

1. Introduction
1. Introduction
2. Intro to Wordpress
1. What is wordpress
2. Installing Wordpress
3. Wordpress Main Files
4. Wordpress User & Roles
5. Wordpress Dashboard Overview
6. Installing Kali Linux
7. Get WordPress version
8. Get Wordpress Users
3. Intro to WPScan
1. WPScan Overview and Getting Token
2. What can WPScan check for
3. basic scan
4. Enumeration Modes
5. Enumeration Options
7. user enumeration with WPScan
4. Exploiting a Vulnerable Plugin & Core
1. WordPress Plugin Reflex Gallery - Arbitrary File Upload
2. Gwolle GuestBook RFI
3. Mail Masta 1.0 - Local File Inclusion
4. Brute Force User Password, Upload Plugin, Modified Theme
6. Plainview Activity Monitor CSRF & RCE
8. Local File Inclusion to Shell Part 1
9. Local File Inclusion to Shell Part 2
10. incomplete wordpress install
11. So Simple Remote Code Execution
12. Wordpress Host Server - Arbitrary File Upload
5. Attacking WordPress with Metasploit
1. WordPress Enumeration With Metasploit
2. Wordpress User Enumeration With Metasploit
3. Metasploit to upload a malicious WordPress Plugin
4. Jerome WP Crop Shell (Authenticated)
6. WordPress Hardening
1. stop-user-enumeration
2. Change the Default “admin” username
3. Disable File Editing & Disable plugin Upload
4. Move or rename wp-admin and wp-login
5. WP Hardening – Fix Your WordPress Security
6. Disable PHP File Execution in Certain WordPress Directories
7. Limit Login Attempts
8. Disable XML-RPC in WordPress
9. Automatically log out Idle Users in WordPress
10. Enable Two-Factor Authentication (2FA)
11. Install a Security Plugin