WORD-PRESS


==============Wpscan : 
>>> wpscan --url https://url.com
>>> wpscan --url http://IP_ADDR --enumerate u,p,t 

==============Bruteforce login page
>>> wpscan --url $URL --username <name> --wordlist <path to list>

==============Random agent : 
>>> wpscan --url $URL --random-agent

==============Zoom.py - enumerate wordpress users
>>> python zoom.py -u $URL

==============vulnx : 
>>> vulnx -u https://example.com/ --cms --dns -d -w -e

==============cmsmap :  
>>> python3 cmsmap.py https://www.example.com -F

==============wpseku.py : 
>>> python3 wpseku.py --url https://www.target.com --verbose

=============Quick wordpress bruteforce:
python patator.py http_fuzz url=http://$ip/wp-login.php  raw_request=rawlogin 0=/usr/share/rockyou.txt -l /tmp/login &; tail -f /tmp/login | grep 302
PreviousWEB TECHNOLOGY NextDRUPAL
Last updated 3 years ago