• ✨Always Use Forum Private Messages PM For Deal With Vendors✨

    Admin Contacts Jabber: megiddo@jabber.sk Telegram: @Megiddo1

WPScan v3.4.5

✨ DeeZNuTz

✨ Master ✨
Staff member
Joined
May 15, 2017
Messages
982
Likes
760
Points
1,045
WPScan v3.4.5 - Black Box WordPress Vulnerability Scanner.

WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites.

Install

Prerequisites
  • (Optional but highly recommended: RVM)
  • Ruby >= 2.3 - Recommended: latest
    • Ruby 2.5.0 to 2.5.3 can cause an 'undefined symbol: rmpd_util_str_to_d' error in some systems, see #1283
  • Curl >= 7.21 - Recommended: latest
    • The 7.29 has a segfault
  • RubyGems - Recommended: latest

From RubyGems (Recommended)
Code:
gem install wpscan

On MacOSX, if a Gem::FilePermissionError is raised due to the Apple's System Integrity
Protection (SIP), either install RVM and install wpscan again, or run sudo gem install -n /usr/local/bin wpscan (see #1286)

From sources (NOT Recommended)
Prerequisites: Git
Code:
git clone https://github.com/wpscanteam/wpscan
cd wpscan/
bundle install && rake install

Updating


You can update the local database by using wpscan --update
Updating WPScan itself is either done via gem update wpscan or the packages manager (this is quite important for distributions such as in Kali Linux: apt-get update && apt-get upgrade) depending how WPScan was (pre)installed

Docker


Pull the repo with docker pull wpscanteam/wpscan
Enumerating usernames
Code:
docker run -it --rm wpscanteam/wpscan --url https://target.tld/ --enumerate u

Enumerating a range of usernames

Code:
docker run -it --rm wpscanteam/wpscan --url https://target.tld/ --enumerate u1-100

Download Wpscan
 
Top Bottom