More and more businesses today utilize SAAS (Software as a Service) tools in their daily business. For example, it is not uncommon for a business to use WordPress as its website's content management system or Drupal for its intranet. Being able to locate vulnerabilities in these applications can prove extremely valuable.
One great resource for gathering applications to test against is Turnkey Linux (http://www.turnkeylinux.org). In this recipe, we will download the popular WordPress Turnkey Linux distribution.
A connection to the Internet or an internal network is required to complete this module.
The steps for attacking a WordPress application are as follows: