From 94d411ae5bfdb27ca308052e7063da2125d98586 Mon Sep 17 00:00:00 2001
From: Alex <alexandre.dhondt@gmail.com>
Date: Fri, 3 Apr 2020 22:50:38 +0200
Subject: [PATCH] wpscan: add page (#3961)

---
 pages/common/wpscan.md | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 pages/common/wpscan.md

diff --git a/pages/common/wpscan.md b/pages/common/wpscan.md
new file mode 100644
index 0000000000..eeb4e11a94
--- /dev/null
+++ b/pages/common/wpscan.md
@@ -0,0 +1,36 @@
+# wpscan
+
+> Wordpress vulnerability scanner.
+> More information: <https://github.com/wpscanteam/wpscan>.
+
+- Update the vulnerability database:
+
+`wpscan --update`
+
+- Scan a Wordpress website:
+
+`wpscan --url {{url}}`
+
+- Scan a Wordpress website, using random user agents and passive detection:
+
+`wpscan --url {{url}} --stealthy`
+
+- Scan a Wordpress website, checking for vulnerable plugins and specifying the path to the `wp-content` directory:
+
+`wpscan --url {{url}} --enumerate {{vp}} --wp-content-dir {{remote/path/to/wp-content}}`
+
+- Scan a Wordpress website through a proxy:
+
+`wpscan --url {{url}} --proxy {{protocol://ip:port}} --proxy-auth {{username:password}}`
+
+- Perform user identifiers enumeration on a Wordpress website:
+
+`wpscan --url {{url}} --enumerate {{u}}`
+
+- Execute a password guessing attack on a Wordpress website:
+
+`wpscan --url {{url}} --usernames {{username|path/to/usernames.txt}} --passwords {{path/to/passwords.txt}} threads {{20}}`
+
+- Scan a Wordpress website, collecting vulnerability data from the WPVulnDB (https://wpvulndb.com/):
+
+`wpscan --url {{url}} --api-token {{token}}`