First Post

This is the start, what this is all about. I will take the top Content Management Systems (CMS) install them to a Virtual Machine (VM) and look at these things.

• default usernames, passwords, databases.
• permissions on creating content, managing content, and deleting content.
• what vectors are might be vulnerable and how to find more information that could lead to exploitation. 
• Demonstrate walking through the application with Burp (http://portswigger.net/) and Zap (https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project)

In some cases an older version of the software maybe used to find already identified vulnerabilities. The code will then be evaluated to show what improvements were made.