WordPress vulnerability scanner
# WPScan command cheat sheet. Three invocation forms appear below
# (`ruby /wpscan/wpscan.rb`, `ruby wpscan.rb`, `wpscan`); they look like the
# same tool run from different install locations.
# NOTE(review): the flags used here (--wordlist, --username, --threads) look
# like WPScan 2.x syntax; 3.x renamed them (--passwords, --usernames,
# --max-threads) -- confirm against `--help` for the installed version.
# Targets are loopback/private lab addresses or the www.example.com placeholder.

# Update the local vulnerability database before scanning, so findings
# reflect current advisories.
ruby /wpscan/wpscan.rb --update
ruby wpscan.rb --update
# Basic scan of a lab target with default checks only (no --enumerate).
wpscan --url 127.0.0.1/wp1
wpscan --url 192.168.1.3/wp1
# Enumerate users (u). Exposed login names are what make password guessing
# practical, so results here inform lockout / MFA hardening.
ruby /wpscan/wpscan.rb --url www.example.com --enumerate u
# Enumerate plugins (p).
# NOTE(review): the original label said "from passive detection"; whether `p`
# is passive-only depends on the WPScan version -- confirm.
wpscan --url 127.0.0.1/wp1 --enumerate p
# Enumerate installed themes (t)
ruby /wpscan/wpscan.rb --url www.example.com --enumerate t
# Originally labelled "password brute force".
# NOTE(review): no --wordlist is given here, so this presumably only selects
# the username user1 and performs no password guessing; the --wordlist
# examples further down are the ones that do -- confirm.
wpscan --url 127.0.0.1/wp1 --username user1
# Enumerate installed timthumbs (tt). TimThumb is an image-resize script
# bundled with many themes; outdated copies are a well-known risk, so any hit
# should be checked against the current patched version or removed.
ruby /wpscan/wpscan.rb --url www.example.com --enumerate tt
# 'non-intrusive' checks: default scan with no enumeration or wordlist options
ruby wpscan.rb --url www.example.com
# Wordlist password guessing against enumerated users using 50 threads.
# darkc0de.lst is resolved relative to the current directory. This generates a
# burst of failed logins: expect it in the target's auth logs, and expect
# lockout / rate-limit controls to trigger if they are configured.
ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50
# Wordlist password guessing against the 'admin' username only
ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --username admin
# Enumerate installed plugins (p)
ruby wpscan.rb --url www.example.com --enumerate p
# Run enumeration with no option list.
# NOTE(review): with no argument WPScan appears to fall back to a default set
# of enumerators rather than literally every one -- confirm with `--help`.
ruby wpscan.rb --url www.example.com --enumerate