WORDPRESS Hacking Workshop


Hacking started as a prank in MIT and grew into a different thing. Earlier hacking was a way to showcase your ninja skills. Nowadays, it has grown to an easy and illegal money making method. Hackers use hacked websites, databases for spamming purposes, selling user information like social security numbers, credit card details and other stuff in underground markets and private forums. Moreover, hacking is done to show-off or as a part of cyber war between different countries.

This e-book contains text materials from the course.

Module 1

    • Tutorial 1: WordPress Fingerprinting

    • So let’s get started

        • Method 1: The meta tag

        • Method 2: Silly Little mistakes

        • Method 3: Tools

            • a) WpScan

            • b) whatweb

    • Tutorial 2: Basics of most Popular Attacks

        • Index Browsing

        • Login Details

            • Simple/Traditional Brute Force

            • Dictionary Attack

    • Vulnerable Plugins

    • Tutorial 3

        • How WpScan Work

 Module 2 Coding Facts (Theme Backdooring and plug-in Vulnerability)

    • Tutorial 1: Eight Mistakes Developers Mostly Make

        • Use of Unsecure Hosting

        • Forget to Update WordPress Version, Theme OR Plug-in

        • Use “admin:admin” as Username:Password

        • Use of Simple Password

        • Use of Free Themes

        • Forget to Change Default Table Prefix

        • Unsecure Coding

        • Using the Default Permalink Structure

    • Tutorial 2: How is WordPress Theme backdoored?

        • WHAT IS a BACKDOOR?


    • Tutorial 3: Hack the ackable (Making the Service Unavailable)

        • DDOS (Distributed Denial of Service)

Module 3

    • Tutorial 1

    • List of Top WordPress Malware Infections

        • Top WordPress Malware Infections

    • Tutorial 2

        • How to Detect and Clean Malware from WordPress Websites

        • Identifying Badware Behavior

        • Removing Badware Behavior

        • Removing Google Blacklisting

    • Tutorial 3 How to Protect Your Website from Malware Infections

        • Reset Your Password(s)

        • Update Everything

        • Remove Any Unused and Outdated Items

        • Get Rid of Common WordPress Elements

        • Limit the Access

        • Set Up Alerting and Monitoring

        • Register with Google Webmaster Tools

        • Monitor the Changed Files

        • Update WP-Config Security Salts

        • Install and Configure a Security Plug-in

        • Set Up and Test a Back-up Solution

 Module 4 WordPress Security

    • Tutorial 1 Understanding wp-config.php/.htaccess/robots.txt

        • WordPress Security With wp-config.php

        • WordPress Security Via .htaccess

        • WordPress Security via robots.txt

        • Secure Your Website from Website Copier Tools

        • Robots.txt Used in another Way for WordPress Security

    • Tutorial 2

        • Sucuri Security – SiteCheck Malware Scanner

        • Wordfence

        • Acunetix WP Security Scan

        • BulletProof Security

        • All-In-One WordPress Security and Firewall Plug-in

    • Tutorial 3 Implementing the Security Plug-in

        • How to Install WordPress on localhost

        • Malicious File Located via Plug-ins


April 19, 2022
Notify of
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.
What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4


We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.