NORMA eResearch @NCI Library

A Critical Review of WordPress Security Scanning Tools and the Development of a Next-Generation Solution

Gupta, Deepti (2023) A Critical Review of WordPress Security Scanning Tools and the Development of a Next-Generation Solution. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
PDF (Master of Science)
Download (722kB) | Preview
[thumbnail of Configuration manual]
Preview
PDF (Configuration manual)
Download (2MB) | Preview

Abstract

WordPress is widely used content management system (CMS), with 455 million websites supported and a 60.3% market share.92% of the vulnerabilities found in the WordPress-powered websites are due to the third-party plugins and programming errors. This paper conducts a critical review of popular tools designed to automate the process of testing the security of WordPress websites by evaluating their effectiveness, ease of use, and overall value. It provides an overview of the current state of WordPress security and the importance of regular testing. This provides the reader with a comprehensive understanding of available automation tools and assist them in making informed decisions about their use. Also a framework is proposed to address the gaps which are not covered by other tools. The proposed DeepRecon tool is aimed to automate reconnaissance and information collecting operations primarily for WordPress websites, but it is also compatible with other CMS and online applications.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Sahni, Vikas
UNSPECIFIED
Uncontrolled Keywords: Wordpress; vulnerability; CMS; python; bash; burpsuite; WPScan; Nuclei; Nikto
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Z Bibliography. Library Science. Information Resources > ZA Information resources > ZA4150 Computer Network Resources > The Internet > World Wide Web > Websites > Web logs. Blogs.
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > Telecommunications > The Internet > World Wide Web > Websites > Web logs. Blogs.
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 28 Apr 2023 14:23
Last Modified: 28 Apr 2023 14:23
URI: https://norma.ncirl.ie/id/eprint/6517

Actions (login required)

View Item View Item