What is WPSCAN ? WordPress security scanner

WPSCAN is wordpress security scanner, I’m using this great tool very often to check if my website of course based on popular blogging platform is secure without any holes. I’m doing this every month to prevent hackers hack my website.

We can download and install WPScan on linux machine..for this I’m using KaliLinux and I have Kali installed on Virtual Machine, by default WPScan is preinstalled on Kali linux. To scan our website with WPScan we will use command :

wpscan --url blog.tld ”

this will scan our wordpress blog with default options.

if you doesn’t want to be detected that u scanning someone else website please use this command :

“wpscan –stealthy –url blog.tld”

we can scan website using proxy, command below :

“wpscan -v –proxy socks5://127.0.0.1:9090 –url http://target.tld”

if we want to detect plugins and scan potential vulnelabirites in plugins then we need to add this :

–plugins-detection

How to install WPScan if we do not have Kali linux but other distribution ?

Prerequisites:
Ruby >= 2.3 – Recommended: latest
Curl >= 7.21 – Recommended: latest – FYI the 7.29 has a segfault
RubyGems – Recommended: latest
From RubyGems:
gem install wpscan

 

PROJECT HOME
https://wpscan.org

VULNERABILITY DATABASE
https://wpvulndb.com

Read More

    Posts not found.

    Sorry, no other posts related this article.

Hi brother !

Hello my name is FacetFlow 🙂 you will find here alot of information about cryptocurrencies, especially bitcoin, some information about software for windows, reviews about social downloaders and other usefull stuff ! 🙂 hope you will like it.