{"id":238,"date":"2013-08-27T00:00:00","date_gmt":"2013-08-27T00:00:00","guid":{"rendered":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/"},"modified":"2024-05-07T21:58:37","modified_gmt":"2024-05-07T21:58:37","slug":"tools-for-analyzing-threats-to-a-wordpress-website","status":"publish","type":"post","link":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/","title":{"rendered":"Tools for Analyzing Threats to a WordPress Website"},"content":{"rendered":"<p>It is not common for bloggers to post the record of attacks against their own site. But, I have chosen to post this to illustrate that <em><strong>Security by Obscurity<\/strong><\/em> does not work anymore:\u00a0 small business owners using WordPress, take note.\u00a0 What follows is a series of lists and visuals that illustrate a pattern of attacks against this website: SedonaCyberLink.com. \u00a0I will describe some of the tools I&#8217;ve used for these analyses and illustrate how you can use them for your own analysis of attacks against your website.<\/p>\n<p>I do not have a back-office database of customers.\u00a0 I do not have any specific intellectual property of note. Here, I have only the musings of a few thinkers and writers. \u00a0But, what might be making this attractive to hackers from around the world is that \u00a0I have set up a plug-in (<a title=\"Transposh website\" href=\"http:\/\/transposh.org\/\" target=\"_blank\" rel=\"noopener\">Transposh<\/a>) that provides for the translation of the website into several different languages. You can see which languages by browsing to the top right drop-down menu under \u201cView in Your Language____\u201d on the landing page.<\/p>\n<p>I have divided this essay into two parts:<\/p>\n<ul>\n<li>Brute Force password cracking attempts; and<\/li>\n<li>All Other Attacks.<\/li>\n<\/ul>\n<p><b><span style=\"text-decoration: underline;\">Brute Force Password Cracking Attempts<\/span><\/b><\/p>\n<p>Techopedia.com defines Brute Force as: <i>\u201cA brute force attack is a trial-and-error method used to obtain information such as a user password or personal identification number (PIN). In a brute force attack, automated software is used to generate a large number of consecutive guesses as to the value of the desired data. Brute force attacks may be used by criminals to crack encrypted data, or by security analysts to test an organization&#8217;s network security.\u201d<\/i><\/p>\n<p>I\u2019ve been tracking the Brute Force password cracking attacks since July, 2012.\u00a0 The data visualizations you will see reflect patterns from over a year of logging and data analysis.\u00a0 This is basically an authentication-type attack method; and one that we are all subjected to on a regular basis. What is happening is that hackers, political activists, or criminals are looking for \u201cweak\u201d passwords to gain unauthorized access to websites.\u00a0 Once they have \u201ccracked\u201d a password and gained access to the root control for a site, they use that site as a proxy to launch their attacks on others.\u00a0 So, even if you are not selling anything or don\u2019t have \u201cdata\u201d that a hacker or criminal would want, you are still vulnerable by virtue of being a potential beachhead for attacks on others:\u00a0 small businesses are especially vulnerable.<\/p>\n<p>The key with these types of attacks is to set a limit on the number of attempts that a user can try before being locked out.\u00a0 Also, web administrators should set up alerts when a user exceeds the number of attempts.\u00a0 For my site, I blacklisted each user that exceeded a certain number of attempts against a specific service.\u00a0 Note that logs post the service attacked, as well as the number of attempts.\u00a0 The IP address origin is sometimes questionable because attackers can be using compromised websites (from people with unpatched computers) and\/or TOR anonymzing, or another unsuspecting proxy.\u00a0\u00a0 Therefore, take care of drawing any conclusions based only on IP addresses.\u00a0 Nonetheless, it is useful to track them, even if it is only to see where the proxies are coming from, geographically.To the right is a visual diagram that shows the decrease in hits against my own site once I started blacklisting the IP addresses responsible for Brute Force attacks against SedonaCyberLink.com. Note that I\u2019ve color-coded the figure based on the geographic area that the attack came from. This diagram was generated using the data visualization tool: <a title=\"Tableau Software website\" href=\"http:\/\/www.tableausoftware.com\/\" target=\"_blank\" rel=\"noopener\">Tableau<\/a>.<\/p>\n<p>Another useful data visualization for showing the magnitude of \u00a0attacks from any one country is a &#8220;Heat Map.&#8221; \u00a0This shows that most of the Brute Force attacks against this site are coming from Asia and North America, and, to a lesser extent, Europe.<\/p>\n<p>As noted above, website administrators should bar users from too many passwords attempts in a single session. \u00a0Then, set up an &#8220;alert&#8221; to be sent to the administrative eMail when a user exceeds the limit set. \u00a0The website manager should then &#8220;black list&#8221; IP addresses that are Brute Force attacking services on the server. \u00a0If you don&#8217;t know how, contact your hosting service for instructions.<\/p>\n<p><b><span style=\"text-decoration: underline;\">Other Attacks<\/span><\/b><\/p>\n<p>I\u2019ve also been logging all other types of attacks for about three months beginning on June 10, 2013.\u00a0 These other attacks are being tracked using a WordPress Plugin called:\u00a0 <a title=\"Attack-Scanner website\" href=\"http:\/\/www.attack-scanner.com\/\" target=\"_blank\" rel=\"noopener\">Attack-Scanner<\/a>. \u00a0There is a free version, and a paid version of this software. \u00a0The paid version allows the website manager to &#8220;block&#8221; the IP addresses generating the attacks with the single push of a button. \u00a0There is also a statistics tool within Attack-Scanner that allows for the roll-up and visualization of the data. \u00a0Below are some images generated from the embedded statistics tool of the paid version.<\/p>\n<div align=\"center\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td valign=\"top\" width=\"319\">\n<p align=\"center\"><b>Top 10 Attacks by City<\/b><\/p>\n<p align=\"center\">Beijing attacked 3507 times.<\/p>\n<p align=\"center\">Ho Chi Minh City attacked 1837 times.<\/p>\n<p align=\"center\">Sayreville attacked 1224 times.<\/p>\n<p align=\"center\">San Jose attacked 830 times.<\/p>\n<p align=\"center\">Kansas City attacked 469 times.<\/p>\n<p align=\"center\">Hanoi attacked 350 times.<\/p>\n<p align=\"center\">Tianjin attacked 289 times.<\/p>\n<p align=\"center\">Seattle attacked 262 times.<\/p>\n<\/td>\n<td valign=\"top\" width=\"319\">\n<p align=\"center\"><b>Top 10 Attacks by Country<\/b><\/p>\n<p align=\"center\">China attacked 4039 times.<\/p>\n<p align=\"center\">United States attacked 3843 times.<\/p>\n<p align=\"center\">Vietnam attacked 2187 times.<\/p>\n<p align=\"center\">Germany attacked 481 times.<\/p>\n<p align=\"center\">Netherlands attacked 204 times.<\/p>\n<p align=\"center\">Czech Republic attacked 143 times.<\/p>\n<p align=\"center\">France attacked 120 times.<\/p>\n<p align=\"center\">United Kingdom attacked 95 times.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p>To the right is a map that illustrates where these attacks are coming from: As you can see, many of the attacks against this site in this category are also from the U.S., Europe and China. \u00a0Within the plugin there is an interactive map that allows the user to mouse over and see a pop-up with the IP address and other data associated with each attack. \u00a0Website administrators can use this tool for further investigating patterns of attack against their sites.<\/p>\n<p>The following tables show the top 10 attack types and the top 10 attackers by IP address.<\/p>\n<div align=\"center\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td valign=\"top\" width=\"319\">\n<p align=\"center\"><b>Top 10 Attack Types<\/b><\/p>\n<p align=\"center\">WordPress Username Deduction was used 11083 times.<\/p>\n<p align=\"center\">Possible XML-RPC Attacks was used 199 times.<\/p>\n<p align=\"center\">SQLi was used 173 times.<\/p>\n<p align=\"center\">WordPress Trackback was used 126 times.<\/p>\n<p align=\"center\">XSS was used 4 times.<\/p>\n<p align=\"center\">Directory Traversal\/Local File Inclusion was used 2 times.<\/p>\n<\/td>\n<td valign=\"top\" width=\"319\">\n<p align=\"center\"><b>Top 10 Attackers by IP Address<\/b><\/p>\n<p align=\"center\">220.181.89.186 attacked 2229 times.<\/p>\n<p align=\"center\">54.241.148.89 attacked 829 times.<\/p>\n<p align=\"center\">123.30.175.118 attacked 339 times.<\/p>\n<p align=\"center\">123.30.175.84 attacked 309 times.<\/p>\n<p align=\"center\">123.30.175.83 attacked 292 times.<\/p>\n<p align=\"center\">123.30.175.121 attacked 284 times.<\/p>\n<p align=\"center\">123.30.175.86 attacked 262 times.<\/p>\n<p align=\"center\">123.30.175.120 attacked 239 times.<\/p>\n<p align=\"center\">123.30.175.119 attacked 232 times.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p style=\"text-align: left;\">The User Name Deduction attack was by far the most frequent, followed by the XML remote procedure call (RPC) attack method, then the SQL injection (SQLi) method. \u00a0Trackback was used 126 times and there were only 4 attempts at Cross Site Scripting (XSS). What this tells me is that the attackers are trying to use, primarily, an access and privilege escalation tactic. \u00a0This would be consistent with the profile of a state-actor or cyber-criminal seeking to compromise a vulnerable website and use it as a beachhead for conducting further attacks on other sites with sensitive data (personally identifiable information [PII] of customers and\/or intellectual property).<\/p>\n<p style=\"text-align: left;\">The Statistics tools within the paid version of AttackScanner will also give the user the top 10 attack strings (not shown here).\u00a0 This is helpful for fixing vulnerable code within your WordPress site.<\/p>\n<p style=\"text-align: left;\"><b>Most Frequent Days of Attacks<\/b><\/p>\n<p style=\"text-align: left;\">The Attack-Scanner tool also automatically compiles the most frequent days of attack, as shown to the left.\u00a0 Saturday appears to be a busy day in the hacker and criminal world.<\/p>\n<p style=\"text-align: left;\">I also exported the \u00a0data into an Excel file for use with Tableau. \u00a0The data visualization at the right showed that IP addresses from the same countries as the Brute Force attack pattern are responsible for most of the attacks. The horizontal bar chart is just one of many visual tools that Tableau offers. The user also has control over such features as font style and type, and size. \u00a0Colors can also be modified through a simple control panel.<\/p>\n<p style=\"text-align: left;\">Another useful view of these same data show the type of browser (by version) the various attacks were coming from.\u00a0\u00a0The &#8220;Bubble&#8221; image to the right presents these data. As you can see, attacks from Beijing are primarily coming through the Sogou web portal, with Mozilla a close 2nd. \u00a0Most of the attacks from a U.S. IP address are coming from Sayerville, New Jersey.<\/p>\n<p style=\"text-align: left;\">Another useful piece of information is a summary of the attack vector by country. The diagram below presents these analyses. Note that the Get Method is the most used both for remote calls and for user name deduction attacks.<\/p>\n<p style=\"text-align: left;\">The material presented in this essay illustrates that <em><strong>Security by Obscurity<\/strong><\/em> does not work. \u00a0No matter how small you are, if you have a presence on the web, you are subject to attack. \u00a0The tools presented here are valuable for gauging attack patterns for WordPress sites.<\/p>\n<p style=\"text-align: left;\">Now, the objective is, to protect your site. \u00a0Besides Attack-Scanner, there are other useful tools including an excellent administrative tool that includes a security feature: <a title=\"GD Press Tool website\" href=\"http:\/\/www.dev4press.com\/plugins\/gd-press-tools\/\" target=\"_blank\" rel=\"noopener\">GD Press Tools<\/a>. \u00a0With all of these tools that I have recommended, note that I&#8217;ve also found excellent customer support.<\/p>\n<p style=\"text-align: left;\">Signing off now to go battle the attackers.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>This essay provides links to some tools that analysts can use to visually display patterns of attack against a WordPress website.  <\/p>\n","protected":false},"author":2,"featured_media":3748,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"elementor_theme","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[275,232],"tags":[233,234,235,236,237,238,239,240],"class_list":["post-238","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-botnets","category-tools","tag-authentication-type","tag-brute-force-attack","tag-data-visualizations","tag-encrypted-data","tag-network-security","tag-personal-identification-number","tag-robots","tag-security-analysts"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO Pro 4.9.5.2 - aioseo.com -->\n\t<meta name=\"description\" content=\"This essay provides links to some tools that analysts can use to visually display patterns of attack against a WordPress website.\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"Jane Ginn\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO Pro (AIOSEO) 4.9.5.2\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"CTIN - Cybersecurity Center\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Tools for Analyzing Threats to a WordPress Website - CTIN\" \/>\n\t\t<meta property=\"og:description\" content=\"This essay provides links to some tools that analysts can use to visually display patterns of attack against a WordPress website.\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/05\/SocialShare-Image.png\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/05\/SocialShare-Image.png\" \/>\n\t\t<meta property=\"og:image:width\" content=\"112\" \/>\n\t\t<meta property=\"og:image:height\" content=\"112\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2013-08-27T00:00:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2024-05-07T21:58:37+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/CyberThreatIntelligenceNetwork\/\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary\" \/>\n\t\t<meta name=\"twitter:site\" content=\"@CTIN_Global\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Tools for Analyzing Threats to a WordPress Website - CTIN\" \/>\n\t\t<meta name=\"twitter:description\" content=\"This essay provides links to some tools that analysts can use to visually display patterns of attack against a WordPress website.\" \/>\n\t\t<meta name=\"twitter:creator\" content=\"@CTIN_Global\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/05\/SocialShare-Image.png\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2013\\\/08\\\/27\\\/tools-for-analyzing-threats-to-a-wordpress-website\\\/#blogposting\",\"name\":\"Tools for Analyzing Threats to a WordPress Website - CTIN\",\"headline\":\"Tools for Analyzing Threats to a WordPress Website\",\"author\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/author\\\/neffie\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/wp-content\\\/uploads\\\/2013\\\/08\\\/DigitalHead.png\",\"width\":1200,\"height\":675,\"caption\":\"Head of robot with computer code overlay\"},\"datePublished\":\"2013-08-27T00:00:00+00:00\",\"dateModified\":\"2024-05-07T21:58:37+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2013\\\/08\\\/27\\\/tools-for-analyzing-threats-to-a-wordpress-website\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2013\\\/08\\\/27\\\/tools-for-analyzing-threats-to-a-wordpress-website\\\/#webpage\"},\"articleSection\":\"Botnets, Tools, authentication type, brute force attack, data visualizations, encrypted data, network security, personal identification number, robots, security analysts\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2013\\\/08\\\/27\\\/tools-for-analyzing-threats-to-a-wordpress-website\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/blog\\\/posts\\\/#listItem\",\"name\":\"Posts\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/blog\\\/posts\\\/#listItem\",\"position\":2,\"name\":\"Posts\",\"item\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/blog\\\/posts\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/#listItem\",\"name\":\"CyberSecurity\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/#listItem\",\"position\":3,\"name\":\"CyberSecurity\",\"item\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/tools\\\/#listItem\",\"name\":\"Tools\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/blog\\\/posts\\\/#listItem\",\"name\":\"Posts\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/tools\\\/#listItem\",\"position\":4,\"name\":\"Tools\",\"item\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/tools\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2013\\\/08\\\/27\\\/tools-for-analyzing-threats-to-a-wordpress-website\\\/#listItem\",\"name\":\"Tools for Analyzing Threats to a WordPress Website\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/#listItem\",\"name\":\"CyberSecurity\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2013\\\/08\\\/27\\\/tools-for-analyzing-threats-to-a-wordpress-website\\\/#listItem\",\"position\":5,\"name\":\"Tools for Analyzing Threats to a WordPress Website\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/tools\\\/#listItem\",\"name\":\"Tools\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/#organization\",\"name\":\"Cyber Threat Intelligence Network\",\"description\":\"Cybersecurity Center\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/\",\"telephone\":\"+14804624039\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/cropped-cropped-2020-logo.png\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2013\\\/08\\\/27\\\/tools-for-analyzing-threats-to-a-wordpress-website\\\/#organizationLogo\",\"width\":757,\"height\":237},\"image\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2013\\\/08\\\/27\\\/tools-for-analyzing-threats-to-a-wordpress-website\\\/#organizationLogo\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/CyberThreatIntelligenceNetwork\\\/\",\"https:\\\/\\\/twitter.com\\\/CTIN_Global\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/janeginn\\\/\",\"https:\\\/\\\/bsky.app\\\/profile\\\/janeginn.bsky.social\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/author\\\/neffie\\\/#author\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/author\\\/neffie\\\/\",\"name\":\"Jane Ginn\",\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/rjg-PhonePhoto.PNG\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/CTIN_Global\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/janeginn\\\/\",\"https:\\\/\\\/bsky.app\\\/profile\\\/janeginn.bsky.social\",\"https:\\\/\\\/infosec.exchange\\\/@ctin\"],\"description\":\"As the co-founder of the US-based Cyber Threat Intelligence Network (CTIN), a consultancy with partners in Europe, Ms. Ginn has been pivotal in the development of the STIX international standard for modeling and sharing threat intelligence. Her work with the Cyber Threat Intelligence (CTI) technical committee earned her the 2020 Distinguished Contributor award from OASIS. She is currently supporting the analysis services of Datos Insights, an advisory firm focusing on the financial services sector. In public service, she advised five Secretaries of the US Department of Commerce on international trade issues from 1994 to 2001 and served on the Washington District Export Council for five years. In the EU, she was an appointed member of the European Union's ENISA Threat Landscape Stakeholders' Group for four years. A world traveler and amateur photojournalist, she has visited over 50 countries, further enriching her global outlook and professional insights. Follow me on LinkedIn\",\"jobTitle\":\"CTIN President & Co-Founder\",\"alumniOf\":[{\"@type\":\"EducationalOrganization\",\"name\":\"Norwich University\",\"sameAs\":\"https:\\\/\\\/online.norwich.edu\\\/online\\\/programs-courses\\\/programs\\\/master-science-cybersecurity\"}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2013\\\/08\\\/27\\\/tools-for-analyzing-threats-to-a-wordpress-website\\\/#webpage\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2013\\\/08\\\/27\\\/tools-for-analyzing-threats-to-a-wordpress-website\\\/\",\"name\":\"Tools for Analyzing Threats to a WordPress Website - CTIN\",\"description\":\"This essay provides links to some tools that analysts can use to visually display patterns of attack against a WordPress website.\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2013\\\/08\\\/27\\\/tools-for-analyzing-threats-to-a-wordpress-website\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/author\\\/neffie\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/author\\\/neffie\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/wp-content\\\/uploads\\\/2013\\\/08\\\/DigitalHead.png\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2013\\\/08\\\/27\\\/tools-for-analyzing-threats-to-a-wordpress-website\\\/#mainImage\",\"width\":1200,\"height\":675,\"caption\":\"Head of robot with computer code overlay\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2013\\\/08\\\/27\\\/tools-for-analyzing-threats-to-a-wordpress-website\\\/#mainImage\"},\"datePublished\":\"2013-08-27T00:00:00+00:00\",\"dateModified\":\"2024-05-07T21:58:37+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/#website\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/\",\"name\":\"Training Center\",\"description\":\"Cybersecurity Center\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO Pro -->\r\n\t\t<title>Tools for Analyzing Threats to a WordPress Website - CTIN<\/title>\n\n","aioseo_head_json":{"title":"Tools for Analyzing Threats to a WordPress Website - CTIN","description":"This essay provides links to some tools that analysts can use to visually display patterns of attack against a WordPress website.","canonical_url":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/#blogposting","name":"Tools for Analyzing Threats to a WordPress Website - CTIN","headline":"Tools for Analyzing Threats to a WordPress Website","author":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/author\/neffie\/#author"},"publisher":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2013\/08\/DigitalHead.png","width":1200,"height":675,"caption":"Head of robot with computer code overlay"},"datePublished":"2013-08-27T00:00:00+00:00","dateModified":"2024-05-07T21:58:37+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/#webpage"},"isPartOf":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/#webpage"},"articleSection":"Botnets, Tools, authentication type, brute force attack, data visualizations, encrypted data, network security, personal identification number, robots, security analysts"},{"@type":"BreadcrumbList","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com#listItem","position":1,"name":"Home","item":"https:\/\/cyberthreatintelligencenetwork.com","nextItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/blog\/posts\/#listItem","name":"Posts"}},{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/blog\/posts\/#listItem","position":2,"name":"Posts","item":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/blog\/posts\/","nextItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/#listItem","name":"CyberSecurity"},"previousItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/#listItem","position":3,"name":"CyberSecurity","item":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/","nextItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/tools\/#listItem","name":"Tools"},"previousItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/blog\/posts\/#listItem","name":"Posts"}},{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/tools\/#listItem","position":4,"name":"Tools","item":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/tools\/","nextItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/#listItem","name":"Tools for Analyzing Threats to a WordPress Website"},"previousItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/#listItem","name":"CyberSecurity"}},{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/#listItem","position":5,"name":"Tools for Analyzing Threats to a WordPress Website","previousItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/tools\/#listItem","name":"Tools"}}]},{"@type":"Organization","@id":"https:\/\/cyberthreatintelligencenetwork.com\/#organization","name":"Cyber Threat Intelligence Network","description":"Cybersecurity Center","url":"https:\/\/cyberthreatintelligencenetwork.com\/","telephone":"+14804624039","logo":{"@type":"ImageObject","url":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2021\/01\/cropped-cropped-2020-logo.png","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/#organizationLogo","width":757,"height":237},"image":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/#organizationLogo"},"sameAs":["https:\/\/www.facebook.com\/CyberThreatIntelligenceNetwork\/","https:\/\/twitter.com\/CTIN_Global","https:\/\/www.linkedin.com\/in\/janeginn\/","https:\/\/bsky.app\/profile\/janeginn.bsky.social"]},{"@type":"Person","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/author\/neffie\/#author","url":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/author\/neffie\/","name":"Jane Ginn","image":{"@type":"ImageObject","url":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/07\/rjg-PhonePhoto.PNG"},"sameAs":["https:\/\/x.com\/CTIN_Global","https:\/\/www.linkedin.com\/in\/janeginn\/","https:\/\/bsky.app\/profile\/janeginn.bsky.social","https:\/\/infosec.exchange\/@ctin"],"description":"As the co-founder of the US-based Cyber Threat Intelligence Network (CTIN), a consultancy with partners in Europe, Ms. Ginn has been pivotal in the development of the STIX international standard for modeling and sharing threat intelligence. Her work with the Cyber Threat Intelligence (CTI) technical committee earned her the 2020 Distinguished Contributor award from OASIS. She is currently supporting the analysis services of Datos Insights, an advisory firm focusing on the financial services sector. In public service, she advised five Secretaries of the US Department of Commerce on international trade issues from 1994 to 2001 and served on the Washington District Export Council for five years. In the EU, she was an appointed member of the European Union's ENISA Threat Landscape Stakeholders' Group for four years. A world traveler and amateur photojournalist, she has visited over 50 countries, further enriching her global outlook and professional insights. Follow me on LinkedIn","jobTitle":"CTIN President & Co-Founder","alumniOf":[{"@type":"EducationalOrganization","name":"Norwich University","sameAs":"https:\/\/online.norwich.edu\/online\/programs-courses\/programs\/master-science-cybersecurity"}]},{"@type":"WebPage","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/#webpage","url":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/","name":"Tools for Analyzing Threats to a WordPress Website - CTIN","description":"This essay provides links to some tools that analysts can use to visually display patterns of attack against a WordPress website.","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/#website"},"breadcrumb":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/#breadcrumblist"},"author":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/author\/neffie\/#author"},"creator":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/author\/neffie\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2013\/08\/DigitalHead.png","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/#mainImage","width":1200,"height":675,"caption":"Head of robot with computer code overlay"},"primaryImageOfPage":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/#mainImage"},"datePublished":"2013-08-27T00:00:00+00:00","dateModified":"2024-05-07T21:58:37+00:00"},{"@type":"WebSite","@id":"https:\/\/cyberthreatintelligencenetwork.com\/#website","url":"https:\/\/cyberthreatintelligencenetwork.com\/","name":"Training Center","description":"Cybersecurity Center","inLanguage":"en-US","publisher":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"CTIN - Cybersecurity Center","og:type":"article","og:title":"Tools for Analyzing Threats to a WordPress Website - CTIN","og:description":"This essay provides links to some tools that analysts can use to visually display patterns of attack against a WordPress website.","og:url":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/","og:image":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/05\/SocialShare-Image.png","og:image:secure_url":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/05\/SocialShare-Image.png","og:image:width":112,"og:image:height":112,"article:published_time":"2013-08-27T00:00:00+00:00","article:modified_time":"2024-05-07T21:58:37+00:00","article:publisher":"https:\/\/www.facebook.com\/CyberThreatIntelligenceNetwork\/","twitter:card":"summary","twitter:site":"@CTIN_Global","twitter:title":"Tools for Analyzing Threats to a WordPress Website - CTIN","twitter:description":"This essay provides links to some tools that analysts can use to visually display patterns of attack against a WordPress website.","twitter:creator":"@CTIN_Global","twitter:image":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/05\/SocialShare-Image.png"},"aioseo_meta_data":{"post_id":"238","title":null,"description":null,"keywords":null,"keyphrases":{"focus":{"keyphrase":"","score":0,"analysis":{"keyphraseInTitle":{"score":0,"maxScore":9,"error":1}}},"additional":[]},"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":"","og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"BlogPosting","isEnabled":true},"graphs":[]},"schema_type":null,"schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":"-1","robots_max_videopreview":"-1","robots_max_imagepreview":"large","priority":null,"frequency":"default","local_seo":null,"seo_analyzer_scan_date":"2025-08-25 22:19:02","breadcrumb_settings":null,"limit_modified_date":false,"reviewed_by":null,"open_ai":"{\"title\":{\"suggestions\":[],\"usage\":0},\"description\":{\"suggestions\":[],\"usage\":0}}","ai":null,"created":"2021-08-07 21:53:22","updated":"2025-08-25 22:19:02"},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/cyberthreatintelligencenetwork.com\" title=\"Home\">Home<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u00bb<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/blog\/posts\/\" title=\"Posts\">Posts<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u00bb<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/\" title=\"CyberSecurity\">CyberSecurity<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u00bb<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/tools\/\" title=\"Tools\">Tools<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u00bb<\/span><span class=\"aioseo-breadcrumb\">\n\tTools for Analyzing Threats to a WordPress Website\n<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/cyberthreatintelligencenetwork.com"},{"label":"Posts","link":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/blog\/posts\/"},{"label":"CyberSecurity","link":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/"},{"label":"Tools","link":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/tools\/"},{"label":"Tools for Analyzing Threats to a WordPress Website","link":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2013\/08\/27\/tools-for-analyzing-threats-to-a-wordpress-website\/"}],"amp_enabled":false,"_links":{"self":[{"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/posts\/238","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/comments?post=238"}],"version-history":[{"count":3,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/posts\/238\/revisions"}],"predecessor-version":[{"id":3750,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/posts\/238\/revisions\/3750"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/media\/3748"}],"wp:attachment":[{"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/media?parent=238"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/categories?post=238"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/tags?post=238"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}