Difference between revisions of "Test my site for vulnerabilities"

m (removed hacking threat category)
(added tools)
 
Line 3: Line 3:
 
|Scenario Task Parent=My Website
 
|Scenario Task Parent=My Website
 
|Scenario Task Type=Unauthorised Access
 
|Scenario Task Type=Unauthorised Access
 +
|Scenario Tools and Services=Nmap, Nessus
 
|Scenario Task Description=The rule of thumb for not getting your site hacked or infected with malware is:
 
|Scenario Task Description=The rule of thumb for not getting your site hacked or infected with malware is:
 
* Run up-to-date software, including all themes and plugins (if there are no recent updates to either - do not use them anymore)
 
* Run up-to-date software, including all themes and plugins (if there are no recent updates to either - do not use them anymore)

Latest revision as of 10:40, 26 November 2015

Solution- Unauthorised Access
Tools and Services: Nmap, Nessus

The rule of thumb for not getting your site hacked or infected with malware is:

  • Run up-to-date software, including all themes and plugins (if there are no recent updates to either - do not use them anymore)
  • Do not install or run any services you are not currently using
  • Make sure your web hosting service continually updates their own systems and services

Testing a site for vulnerabilities is not an easy task. You need to look not only at the various systems your website is comprised of and depends on, but to be able to interpret the results as well. A vulnerability could be found and exploited on a systems level (e.g. hosting set-up), in the web server configuration, inside Wordpress or in some third-party plug-in you have installed within it.

An online penetration test is available with several testing options, including a passive reconnaissance 'Google hacking' test. In principle it is recommended to run your own vulnerability testing systems, including the popular Nmap tool and the surprisingly easy to set up but very well respected Nessus vulnerability scanner.

Many vulnerabilities occur at the user level - with you. For an in-depth look into auditing internal organisational processes and systems, refer to the Safetag project and make sure you have read the section on how to protect your computer.



Translations
  Base Page Language Modification dateThis property is a special property in this wiki.
Fa/بررسی وبگاه من از نظر آسیب‌پذیری Test my site for vulnerabilities fa 26 March 2016 11:13:26