[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Kali for beginners

To: list@xxxxxxxxxxxx
Subject: Re: [LUG] Kali for beginners
From: jah <jah@xxxxxxxxxxxxxxxx>
Date: Wed, 18 May 2016 00:32:46 +0100
Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dclug.org.uk; s=1460019962; h=Sender:Content-Type:Reply-To:List-Subscribe:List-Help:List-Post:List-Unsubscribe:List-Id:Subject:In-Reply-To:MIME-Version:Date:Message-ID:From:To:References; bh=x4AUuuRlVTgtosLEssSQ4ML//rfSXb3fLgLUv/5rqdA=; b=lw2KZ841WlasoXfZrv/oWdr3OZEo1M/nv0y/HHCC4zXer81s0UFjgqU9rjJIGKnSnsqzTsaNMwkM/ZS+l0wWAGab+X7kKZ6BGnE+zndzm67maZZIGwAtvAApWIC8pqmL1Zz8cZWu5fhdIpiwazzJgzhpu7asL6eAQ4ZogXrcxhc=;

On 17/05/16 22:38, Simon Waters wrote:

Wordpress sites typically pwned by plugins or themes (or weak passwords) detailed plugin testing could be done with Kali's tools but I use Pro version and code inspection, and other approaches.

A nice tool is Nmap's http-wordpress-enum script which "Enumerates themes and plugins of Wordpress installations. The script can also detect outdated plugins by comparing version numbers with information pulled from api.wordpress.org".

The script is documented, with examples of usage and its output, at: https://nmap.org/nsedoc/scripts/http-wordpress-enum.html

-- 
The Mailing List for the Devon & Cornwall LUG
https://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

References:
- [LUG] Kali for beginners
  - From: Tom
- Re: [LUG] Kali for beginners
  - From: Simon Waters

Prev by Date: Re: [LUG] Kali for beginners
Next by Date: Re: [LUG] HDMI monitors with 'decent' speakers
Previous by thread: Re: [LUG] Kali for beginners
Next by thread: [LUG] HDMI monitors with 'decent' speakers
Index(es):
- Date
- Thread