mirror of
https://github.com/tldr-pages/tldr.git
synced 2025-04-23 14:02:08 +02:00
8ebd171d6f
Co-authored-by: marchersimon <50295997+marchersimon@users.noreply.github.com> Co-authored-by: Seth Falco <seth@falco.fun> Co-authored-by: Patrice Denis <patricedenis@users.noreply.github.com>
36 lines
1.1 KiB
Markdown
36 lines
1.1 KiB
Markdown
# wpscan
|
|
|
|
> WordPress vulnerability scanner.
|
|
> More information: <https://github.com/wpscanteam/wpscan>.
|
|
|
|
- Update the vulnerability database:
|
|
|
|
`wpscan --update`
|
|
|
|
- Scan a WordPress website:
|
|
|
|
`wpscan --url {{url}}`
|
|
|
|
- Scan a WordPress website, using random user agents and passive detection:
|
|
|
|
`wpscan --url {{url}} --stealthy`
|
|
|
|
- Scan a WordPress website, checking for vulnerable plugins and specifying the path to the `wp-content` directory:
|
|
|
|
`wpscan --url {{url}} --enumerate {{vp}} --wp-content-dir {{remote/path/to/wp-content}}`
|
|
|
|
- Scan a WordPress website through a proxy:
|
|
|
|
`wpscan --url {{url}} --proxy {{protocol://ip:port}} --proxy-auth {{username:password}}`
|
|
|
|
- Perform user identifiers enumeration on a WordPress website:
|
|
|
|
`wpscan --url {{url}} --enumerate {{u}}`
|
|
|
|
- Execute a password guessing attack on a WordPress website:
|
|
|
|
`wpscan --url {{url}} --usernames {{username|path/to/usernames.txt}} --passwords {{path/to/passwords.txt}} threads {{20}}`
|
|
|
|
- Scan a WordPress website, collecting vulnerability data from the WPVulnDB (https://wpvulndb.com/):
|
|
|
|
`wpscan --url {{url}} --api-token {{token}}`
|