WPScan - Wordpress security scanner
WPScan with Docker
#
docker run -it --rm wpscanteam/wpscan -u https://yourblog.com [options]
# Mount local wordlists
WPSCAN_WD="/Volumes/musashi/vols/wpscan"
docker run -it --rm -v $WPSCAN_WD/wordlists:/wordlists wpscanteam/wpscan --url https://yourblog.com --wordlist /wordlists/crackstation.txt --username admin
# Mount logfile
WPSCAN_WD="/Volumes/musashi/vols/wpscan"
WPSCAN_SITE="pelatihandanpengembangansdm.com" # situs yang akan dipindai
LOG_FILE_PATH="$WPSCAN_WD/$WPSCAN_SITE"
touch $LOG_FILE_PATH.log
docker run -it --rm -v \
$LOG_FILE_PATH:/wpscan/output.txt wpscanteam/wpscan --url http://$WPSCAN_SITE --log /wpscan/output.txt
WPScan with Brew
#
brew install wpscan
#
WPSCAN_WD="/Volumes/musashi/vols/wpscan" # working directory & logs
WPSCAN_SITE="pelatihandanpengembangansdm.com" # site to scan w/o http / https
wpscan --update \
-r \
--log $WPSCAN_WD/$WPSCAN_SITE.txt \
-u http://$WPSCAN_SITE
# -e tt,vp,vt \