search
githubEdit

WPScan

hashtag
About

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. The WPScan CLI tool uses the WordPress Vulnerability Database APIarrow-up-right to retrieve WordPress vulnerability data in real time. Usage of this tool does require an API, which can be done by registering an account herearrow-up-right.

hashtag
Links

Homepagearrow-up-right

Githubarrow-up-right

WPScan Register for an APIarrow-up-right

hashtag
Usage

hashtag
Key

  • vp = virtual plugins

  • u = usernames

  • vt = virtual themes

  • tt = timtums

  • General Use

wpscan --url [URL] --api-token [TOKEN] --enumerate vp,u,vt,tt --random-user-agent

Last updated