CMS Hacking Tricks

DerbyCon 4.0 - Family Rootz

Presented by: Greg Foss
Date: Sunday September 28, 2014
Time: 15:00 - 15:50
Location: Track 3

Drupal, WordPress, and Joomla are very popular Content Management Systems (CMS) that have been widely adopted by government agencies, major businesses, social networks, and more — underscoring why understanding how these systems work and properly securing these applications is of the utmost importance. This talk focuses on the penetration tester’s perspective of CMSs and dives into streamlining the assessment and remediation of commonly observed application and configuration flaws by way of custom exploit code and security checklists, all of which are open-source and can be downloaded and implemented following the presentation.

Greg Foss

