WordPress Penetration Testing

This skill is an explicit offensive penetration-testing playbook for WordPress containing detailed, actionable exploitation steps (enumeration, brute-force, webshell creation, reverse shells, Metasploit usage). For legitimate, authorized security testing it is coherent with its stated purpose; however, it provides step-by-step weaponization guidance that enables credential harvesting, remote code execution, persistence, and data exfiltration. The document recommends techniques that weaken security (disabling TLS checks, proxy/anonymize) and shows how to create/upload backdoors. If used without written authorization it is illegal and malicious. From a supply-chain perspective there is no hidden obfuscation or encoded payloads in this file itself, but the described flows and sinks are high-risk. Overall this is a high-risk, dual-use offensive skill: acceptable only for authorized security professionals with strict controls. Exercise strong operational and legal safeguards before using these instructions.