After getting hacked we all wonder, “What could I have done to avoid being hacked?” In some cases the answer is complicated, but a lot of the time it’s relatively simple and many checklists and guides outline the way sites can be hacked and how to secure them. So for the next 30 minutes, we’re going to hack into WordPress so you can create your checklist firsthand.
We will target a vulnerable installation of WordPress and attack the usual weaknesses to compromise the site. After every attack we perform, we will make the required changes to block the attack, and then attempt to compromise the site again, hopefully unsuccessfully this time! The goal is to think like a hacker, learning what types of vulnerabilities exist and how they are exploited, so we can better protect our sites and block hackers before they get in. By the end of the talk, we should have a secure site and an incredibly frustrated hacker.