
This repository contains a college project focused on pentesting an outdated version of WordPress, where five vulnerabilities are identified, analyzed, and documented. It includes scripts, walkthroughs, and reports on each vulnerability, serving as a practical exercise in cybersecurity and web development.


harrystaley/TAMUSA_CSCI4349_Week7_WpPentest


# TAMUSA_CSCI4349_Week7_WpPentest

## Project Overview
This repository is part of a college project for the course CSCI 4349 at Texas A&M University-San Antonio. The project focuses on pentesting an outdated version of WordPress to identify, analyze, and document five specific vulnerabilities. This practical exercise aims to enhance students' understanding of cybersecurity, infosec, and network security within the context of web development.

### Project Structure
- `scripts/`: Contains all the scripts used to detect and exploit vulnerabilities.
- `walkthroughs/`: Detailed guides and steps to reproduce each vulnerability.
- `reports/`: Documentation and analysis reports for each identified vulnerability.
- `assets/`: Any images or additional files used in documentation.

## Setup Instructions

### Prerequisites
- Docker
- Docker Compose

### Installation
1. **Clone the repository**
   ```bash
   git clone https://github.com/yourusername/TAMUSA_CSCI4349_Week7_WpPentest.git
   cd TAMUSA_CSCI4349_Week7_WpPentest
   ```

2. **Run Docker Compose**
   ```bash
   docker-compose up -d
   ```
   This command will set up a WordPress environment with the specified outdated version and all necessary components.

3. **Access WordPress**
   - Open your web browser and navigate to http://localhost:8000 to configure WordPress.
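
Because the lab deliberately runs an outdated WordPress, it is worth confirming after `docker-compose up -d` that its published ports are reachable only from the local machine. The following check is an added example, not part of this repository's scripts; the container names and the container-side port 80 in the sample data are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the repository): list published container ports
# that are bound to a non-loopback address and are therefore reachable from
# other hosts on the network.
#
# Input: lines of "<name><TAB><ports>", the format printed by
#   docker ps --format '{{.Names}}\t{{.Ports}}'

# Print "<name> <binding>" for every published port not bound to loopback.
exposed_bindings() {
    tab=$(printf '\t')
    while IFS="$tab" read -r name ports || [ -n "$name" ]; do
        # One container can list several comma-separated port entries.
        printf '%s\n' "$ports" | tr ',' '\n' | while read -r entry; do
            # Entries without "->" are exposed in the image but not published.
            case "$entry" in
                *'->'*) ;;
                *) continue ;;
            esac
            host=${entry%%"->"*}   # host side, e.g. 0.0.0.0:8000
            host=${host%:*}        # drop the host port, e.g. 0.0.0.0
            case "$host" in
                127.*|'[::1]'|::1) ;;                    # loopback only
                *) printf '%s %s\n' "$name" "$entry" ;;  # reachable remotely
            esac
        done
    done
}

# Constructed sample input; wp_lab, wp_db and wp_safe are hypothetical names.
sample_docker_ps() {
    printf 'wp_lab\t0.0.0.0:8000->80/tcp, :::8000->80/tcp\n'
    printf 'wp_db\t3306/tcp, 33060/tcp\n'
    printf 'wp_safe\t127.0.0.1:8000->80/tcp\n'
}

# Offline demonstration. Against a running lab, use instead:
#   docker ps --format '{{.Names}}\t{{.Ports}}' | exposed_bindings
sample_docker_ps | exposed_bindings
```

Any line of output means the vulnerable site can be reached from other machines; publishing the port in the Compose file as `127.0.0.1:8000:80` instead of `8000:80` restricts it to the local host.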

## Usage Examples

After setting up the environment, you can start testing the vulnerabilities as described in the walkthroughs:

### Example: Testing SQL Injection

1. Navigate to the scripts directory:
   ```bash
   cd scripts/
   ```
2. Run the SQL injection script:
   ```bash
   python3 sql_injection_test.py
   ```
3. Observe the output and follow the steps in `walkthroughs/sql_injection.md` for detailed instructions.

## Contribution Guidelines

We welcome contributions from students and educators who are part of the cybersecurity community. If you would like to contribute, please follow these guidelines:

1. **Fork the Repository**
   - Click on the 'Fork' button at the top right of this page.
2. **Clone your Fork**
   ```bash
   git clone https://github.com/yourusername/TAMUSA_CSCI4349_Week7_WpPentest.git
   cd TAMUSA_CSCI4349_Week7_WpPentest
   ```
3. **Create a New Branch**
   ```bash
   git checkout -b your-branch-name
   ```
4. **Make your Changes**
   - Ensure any new scripts or documentation follow the existing structure and standards.
5. **Submit a Pull Request**
   - Push your changes to your fork and then submit a pull request from your fork back to the original repo.

## License

This project is licensed under the MIT License - see the LICENSE.md file for details.


This educational project is designed to provide practical experience in understanding and mitigating security vulnerabilities in web applications.

