WPScan v3.4.5 - Black Box WordPress Vulnerability Scanner.
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites.
Install
Prerequisites
From RubyGems (Recommended)
On MacOSX, if a Gem::FilePermissionError is raised due to the Apple's System Integrity Protection (SIP), either install RVM and install wpscan again, or run sudo gem install -n /usr/local/bin wpscan (see #1286)
From sources (NOT Recommended)
Prerequisites: Git
Updating
You can update the local database by using wpscan --update
Updating WPScan itself is either done via gem update wpscan or the packages manager (this is quite important for distributions such as in Kali Linux: apt-get update && apt-get upgrade) depending how WPScan was (pre)installed
Docker
Pull the repo with docker pull wpscanteam/wpscan
Enumerating usernames
Enumerating a range of usernames
Download Wpscan
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites.
Install
Prerequisites
From RubyGems (Recommended)
On MacOSX, if a Gem::FilePermissionError is raised due to the Apple's System Integrity Protection (SIP), either install RVM and install wpscan again, or run sudo gem install -n /usr/local/bin wpscan (see #1286)
From sources (NOT Recommended)
Prerequisites: Git
Updating
You can update the local database by using wpscan --update
Updating WPScan itself is either done via gem update wpscan or the packages manager (this is quite important for distributions such as in Kali Linux: apt-get update && apt-get upgrade) depending how WPScan was (pre)installed
Docker
Pull the repo with docker pull wpscanteam/wpscan
Enumerating usernames
Enumerating a range of usernames
Download Wpscan