Screencast: How to use WPScan to provide WordPress plug-in security

Screencast: How to use WPScan to provide WordPress plug-in security

Date: Jan 30, 2012

Businesses are increasingly turning to WordPress to share their content on the Web, but despite WordPress itself being generally secure, the plug-ins that provide useful features for end users and website providers can introduce security vulnerabilities.

In this month’s SearchSecurity.com screencast, expert penetration tester Mike McLaughlin of First Base Technologies demonstrates how to use WPScan, a tool that exposes security vulnerabilities in WordPress plug-ins. He provides a link to download WPScan, walks through WPScan’s features, and shows how simple it is to assess a site's WordPress plug-in security. From SQL injection vulnerabilities to brute-force attacks on passwords, WPScan can help secure WordPress plug-ins quickly and easily.

About the author:
Mike McLaughlin is a penetration tester working for First Base Technologies, an information security consultancy in the UK. Mike's daily work consists of both internal and external network based penetration testing, Web application penetration testing, and social engineering.

More on Social media security risks and real-time communication security

  • canderson

    Mobile malware and social malware: Nipping new threats in the bud

    VIDEO - Learn mobile and social media malware prevention tactics as contributor Lisa Phifer analyzes the malware risks of social media and mobile devices.
  • canderson

    Social media legal issues: Advice for IT security pros

    VIDEO - Video: When a company or its employees use social media, the IT team should understand the legal terms and conditions of each social media site.
  • canderson

    Faceoff: Has social networking changed data privacy and security?

    VIDEO - In this exclusive conversation, security industry luminaries Hugh Thompson, founder of People Security, and Adam Shostack, author of "The New School of Information Security," discuss the state of social networking and data privacy, and why the social networking phenomenon may be an infosec ticking time bomb waiting to explode.
  • The importance of social media compliance

    Answer - Social media compliance is not typically considered a big issue for companies, but expert Mike Chapple explains why it should be.
  • social login

    Definition - Social login is a single sign-on (SSO) that allows users to authenticate themselves on various applications and sites by connecting through a social networking site rather than typing a separate ID and password on each website. The sites most commonly associated with social login are Facebook, LinkedIn, Google and Twitter.
  • P2P malware detection techniques

    Answer - The amount of malware using peer-to-peer communications has increased dramatically. Enterprise threats expert Nick Lewis explains how to detect P2P malware.
  • How to avoid brand hacking and ensure enterprise social media security

    Tip - Enterprise social media has revolutionized how businesses communicate with consumers. However, it has also made brand hacking an even larger concern.
  • Best practices for employer monitoring of social media

    Answer - Expert Joseph Granneman explains the best way for employers to approach social media monitoring as part of a social media policy for employees.

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: