AplexTM

Welcome to the WPScan tutorial! WPScan is a popular tool for scanning sites built with WordPress. It won't do the whole job for you, but it can be helpful for gathering information about your target. You don't need any special knowledge to use it, and the tool is very helpful for beginners. All you need is a computer running Linux; Kali has wpscan pre-installed. To run wpscan on Kali, just type 'wpscan' in your terminal.

There are many useful options. I will show you some of them below:

--url -> As you might guess, this is where you type your target's URL
--enumerate -> This will give you lots of information about the website. First you have to specify exactly what you need. Here are some options:
    --enumerate p -> Enumerates installed plugins
    --enumerate vp -> Enumerates vulnerable plugins installed on your target
    --enumerate u -> Enumerates users
    --enumerate t -> Enumerates installed themes

Another important function is the proxy option, which allows you to scan a host through a proxy. Example below:

    --proxy 127.0.0.1:5555

You can use a SOCKS5 proxy as well:

    --proxy socks5://127.0.0.1:9000

If login is required:

--proxy-auth -> Supply the proxy login credentials.
--basic-auth -> Set the HTTP Basic authentication.

There is also an option to brute-force the enumerated users, for example using 50 threads:

    wpscan --url www.example.com --wordlist wordlist.lst --threads 50

As you can see, after --wordlist you need to give a password wordlist. If you want to brute-force a specific user, just add '--username', for example:

    wpscan --url www.example.com --wordlist wordlist.lst --username admin
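Seen from the site owner's side, the user enumeration, plugin/theme enumeration and wordlist options described in the post leave recognisable per-client patterns in a web server access log. The following Python detector is an added example, not part of the original post or of WPScan; the request paths it watches (/?author=N, /wp-content/plugins/, /wp-login.php, /xmlrpc.php), the thresholds, the function names and the log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')
AUTHOR_RE = re.compile(r'[?&]author=(\d+)')
COMPONENT_RE = re.compile(r'^/wp-content/(plugins|themes)/([^/?]+)')
LOGIN_PATHS = {"/wp-login.php", "/xmlrpc.php"}

def detect_wp_scanning(lines, enum_min=3, probe_min=3, login_min=10):
    """Return {client_ip: [finding, ...]}; thresholds are assumed starting values."""
    authors, probes, logins = defaultdict(set), defaultdict(set), defaultdict(int)
    for line in lines:
        if not (m := LINE_RE.match(line)):
            continue  # not a combined-format access log line
        ip, method, path, status = m["ip"], m["method"], m["path"], m["status"]
        if (a := AUTHOR_RE.search(path)):
            authors[ip].add(a.group(1))   # distinct author IDs requested
        if (c := COMPONENT_RE.match(path)) and status == "404":
            probes[ip].add(c.groups())    # plugin/theme slugs that do not exist
        if method == "POST" and path.split("?")[0] in LOGIN_PATHS:
            logins[ip] += 1               # login attempts
    findings = defaultdict(list)
    for label, counts, minimum in (
            ("user-enumeration", {ip: len(v) for ip, v in authors.items()}, enum_min),
            ("plugin-theme-enumeration", {ip: len(v) for ip, v in probes.items()}, probe_min),
            ("password-guessing", logins, login_min)):
        for ip, n in counts.items():
            if n >= minimum:
                findings[ip].append(label)
    return dict(findings)

def _line(ip, method, path, status):
    # Builds one constructed access-log line in combined log format.
    return f'{ip} - - [10/Oct/2023:13:55:36 +0000] "{method} {path} HTTP/1.1" {status} 512 "-" "-"'

# Constructed sample traffic: one scanning client and one ordinary visitor.
SAMPLE = (
    [_line("203.0.113.7", "GET", f"/?author={n}", 301) for n in range(1, 6)]
    + [_line("203.0.113.7", "GET", f"/wp-content/plugins/example-plugin-{n}/readme.txt", 404) for n in range(4)]
    + [_line("203.0.113.7", "POST", "/wp-login.php", 200) for _ in range(50)]
    + [_line("198.51.100.20", "GET", "/?author=2", 200),
       _line("198.51.100.20", "GET", "/wp-content/plugins/example-plugin-0/style.css", 200),
       _line("198.51.100.20", "POST", "/wp-login.php", 302)]
)

if __name__ == "__main__":
    for ip, found in detect_wp_scanning(SAMPLE).items():
        print(ip, found)
```

When a scan is routed through the --proxy option, the address recorded in the log is the proxy's, so per-IP counts like these work best alongside rate limiting on the login endpoints.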