WordPress Security testing using WP-Scan

Mohamed Tarek
Jan 12, 2019

Do not use the following instructions to exploit other people's websites or services. Using WP-Scan to attack targets without prior mutual consent is illegal.

WordPress now powers 30 percent of the web, according to data from web technology survey firm W3Techs.

WordPress is an important framework and, as the above statistic shows, it is widely used, which is why securing a website based on WordPress is an obvious priority.

What is WP-Scan?

WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites.

Installation

You can install it via Docker with the following command:

docker pull wpscanteam/wpscan

Scan WordPress Site

Default Scan

docker run -it --rm wpscanteam/wpscan --url Website URL

This scan uses the default options, which offer a good compromise between speed and accuracy. For example, plugins are detected passively, but their versions are checked with a mixed detection mode (passive + aggressive). Potential config backup files are also checked, along with other interesting findings.

Only Display Vulnerable Plugins

docker run -it --rm wpscanteam/wpscan --url Site URL --enumerate vp
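
As an added example (not part of the original post or of WPScan itself), the wrapper below runs the default and vulnerable-plugin scans above only when the target's hostname is listed in an authorization file, which turns the consent requirement into a technical check. The function names, the SCOPE_FILE and DOCKER variables, and the example.test hosts are assumptions of this example.

```sh
#!/bin/sh
# Added example: run the article's WPScan Docker commands only against hosts
# listed in an authorization file. Function names, SCOPE_FILE and the DOCKER
# override are assumptions of this example, not WPScan features.

# Print the lowercase hostname of an http(s) URL; fail on anything else.
url_host() {
    case "$1" in
        http://*|https://*) ;;
        *) return 1 ;;
    esac
    h=${1#*://}                                   # drop scheme
    h=${h%%/*}; h=${h%%\?*}; h=${h%%\#*}          # drop path, query, fragment
    h=${h##*@}                                    # drop userinfo (user:pass@)
    h=${h%%:*}                                    # drop port
    h=$(printf '%s' "$h" | tr 'A-Z' 'a-z')
    case "$h" in
        ''|*[!a-z0-9.-]*) return 1 ;;             # empty or unexpected characters
    esac
    printf '%s\n' "$h"
}

# Succeed only if host $1 is an exact line in scope file $2 ('#' lines ignored).
in_scope() {
    [ -r "$2" ] || return 1
    grep -v '^[[:space:]]*#' "$2" | tr 'A-Z' 'a-z' | grep -Fxq -- "$1"
}

# wpscan_scoped MODE URL: MODE is "default" or "vp" (vulnerable plugins only).
wpscan_scoped() {
    target=$(url_host "$2") || { echo "refusing: not an http(s) URL" >&2; return 2; }
    in_scope "$target" "${SCOPE_FILE:-./authorized-hosts.txt}" ||
        { echo "refusing: $target is not in the scope file" >&2; return 3; }
    case "$1" in
        default) set -- --url "$2" ;;
        vp)      set -- --url "$2" --enumerate vp ;;
        *)       echo "unknown mode: $1" >&2; return 2 ;;
    esac
    ${DOCKER:-docker} run -it --rm wpscanteam/wpscan "$@"
}

# Constructed dry run: DOCKER=echo prints the command instead of starting a container.
if [ "${1:-}" = "--demo" ]; then
    DOCKER=echo; SCOPE_FILE=$(mktemp); echo 'blog.example.test' > "$SCOPE_FILE"
    wpscan_scoped vp 'https://blog.example.test/'
    # The real host here is other.example.test (text before '@' is userinfo): refused.
    wpscan_scoped vp 'https://blog.example.test@other.example.test/' || true
    rm -f "$SCOPE_FILE"
fi
```

The scope file holds one authorized hostname per line; matching is exact, so subdomains must be listed individually.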

Enumerate User Name

docker run -it --rm wpscanteam/wpscan --url Site URL --enumerate

Useful Links

https://wpvulndb.com/

WPScan on GitHub: https://github.com/wpscanteam/wpscan

Originally published at http://thetesttherapist.com on January 12, 2019.
