`WPScan` is a popular WordPress vulnerability scanner. It is used to identify security vulnerabilities in WordPress websites. Here’s how you can use `WPScan` with some examples:
1. Basic Scan:
wpscan –url http://example.com
This command performs a basic scan on the specified WordPress website.
2. Enumerate Plugins and Themes:
wpscan –url http://example.com –enumerate p
Use the `–enumerate p` option to list installed plugins on the target WordPress site.
3. Enumerate Users:
wpscan –url http://example.com –enumerate u
Use the `–enumerate u` option to list WordPress users.
4. Perform Aggressive Scan:
wpscan –url http://example.com –aggressive
The `–aggressive` option performs a more aggressive scan, including plugin, theme, and user enumeration.
5. Password Brute-Force Attack:
wpscan –url http://example.com –passwords /path/to/passwords.txt
Use a custom password list to perform a brute-force attack on WordPress users’ passwords.
6. User Enumeration via Author ID:
wpscan –url http://example.com –enumerate u1-100
You can enumerate users by specifying author IDs in a range.
7. Enumerate Vulnerabilities:
wpscan –url http://example.com –enumerate vp
The `–enumerate vp` option lists known vulnerabilities in detected plugins.
8. Output to a File:
wpscan –url http://example.com –output /path/to/output.txt
Save the scan results to a file using the `–output` option.
9. Proxy Usage:
wpscan –url http://example.com –proxy http://proxy-server:port
Use a proxy server for the scan with the `–proxy` option.
Make sure to replace `http://example.com` with the URL of the target WordPress website and adjust the options as needed. Always use `WPScan` responsibly and with proper authorization, as scanning websites without permission may be illegal and unethical.