More and more businesses today utilize SAAS (Software as a Service) tools in their daily business. For example, it is not uncommon for a business to use WordPress as its website's content management system or Drupal for its intranet. Being able to locate vulnerabilities in these applications can prove extremely valuable.
One great resource for gathering applications to test against is Turnkey Linux (http://www.turnkeylinux.org). In this recipe, we will download the popular WordPress Turnkey Linux distribution.
A connection to the Internet or an internal network is required to complete this module.
The steps for attacking a WordPress application are as follows:
Open your web browser and visit the Turnkey Linux website at http://www.turnkeylinux.org. The homepage will look like the following screenshot:
There are many applications listed here, and I would recommend trying them all so that you can find vulnerabilities and test...