36 lines
501 B
Markdown
36 lines
501 B
Markdown
# WPScan
|
|
|
|
## Themes
|
|
```sh
|
|
wpscan --url <URL> --enumerate t
|
|
```
|
|
|
|
* `ls` for content
|
|
|
|
## Plugins
|
|
```sh
|
|
wpscan --url <URL> --enumerate p
|
|
```
|
|
|
|
## Users
|
|
```sh
|
|
wpscan --url <URL> --enumerate u
|
|
```
|
|
|
|
## Vulnerabilities
|
|
* WPVulnDB API is needed
|
|
* Plugins
|
|
```sh
|
|
wpscan --url <URL> --enumerate vp
|
|
```
|
|
|
|
## Password attack
|
|
```sh
|
|
wpscan --url <URL> --passwords <wordlist> --usernames <usersFromEnumeration>
|
|
```
|
|
|
|
## WAF Aggressiveness
|
|
```sh
|
|
wpscan --url <URL> --enumerate p --plugins-detection <aggressive/passive>
|
|
|