# Home

## 🏠 Welcome to the WordPress Hacking Book

**Author:** Very Lazy Tech\
**Focus:** Practical WordPress hacking labs based on Hack The Box (HTB) & real-world scenarios

***

### **About This Book**

WordPress powers over **40% of websites** worldwide, making it a frequent target for attackers. This book is designed to take you on a **hands-on journey** from beginner to advanced WordPress pentester.

You will learn:

* How WordPress works under the hood (themes, plugins, core files, database).
* How to identify and exploit common vulnerabilities.
* Post-exploitation techniques to escalate privileges and gain remote access.
* How to defend WordPress sites against attacks.

Every chapter includes **real HTB-style labs**, exercises, and practical examples to help you practice safely and effectively.

***

### **How to Use This Book**

1. **Follow the sections sequentially**
   * Start with **Introduction** to understand architecture and attack surfaces.
   * Move on to **Enumeration**, then **Exploitation**, and finally **Post-Exploitation & Defense**.
2. **Practice with labs**
   * Whenever a lab is referenced, try to replicate it in a **safe environment** (local VM or HTB labs).
   * Never test these techniques on live websites without permission.
3. **Use the appendices**
   * **Cheat Sheets**: Quick reference for commands, paths, and tools.
   * **Lab Setup Guide**: Step-by-step instructions to prepare a WordPress lab using Docker or a virtual machine.
   * **Top Tools**: Recommended tools for enumeration, exploitation, and post-exploitation.

***

### **Recommended Environment**

* **Operating System:** Kali Linux or any Linux distribution with pentesting tools.
* **WordPress Lab:** Local VM, Docker, or Hack The Box labs.
* **Tools Installed:**
  * WPScan
  * Burp Suite / OWASP ZAP
  * Metasploit
  * curl, wget, netcat

***

### **Safety and Ethics**

All exercises in this book are intended for **educational purposes only**.\
Do **not** attempt to hack websites without explicit permission. Illegal testing can result in serious consequences.

By following this book, you are agreeing to use this knowledge **ethically and responsibly**.
