Hack WordPress
Tools for Scanner WP site
-Nmap NSE Script
-Burp Suite
-WPScan
-CMSMap
Tools for detect vulnerability:
— Nikto Vulnerability Scanner
— OpenVAS Vulnerability Scanner
— $ nmap -Pn exemple.com
— nesus
ButForce Login
curl -X POST -d "" http://examplewp.com/xmlrpc.php wp.getUsersBlogs admin pass
Organization DOS
curl -X POST -d "" http://examplewp.com/xmlrpc.php system.listMethods
Books and posts:
metasploit
https://www.exploit-db.com/
https://www.securityfocus.com/bid
Exploiting vulnerability WP Core
https://cvedetails.com
Примеры уязвимостей WP:
https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html