Don't forget to set up the URL variable:
export URL="<wordpress url>"
Initial Scan
wpscan --url "$URL" --disable-tls-checks --enumerate p,t,u
Plugin Enumeration (Aggressive)
wpscan --url "$URL" --enumerate p --plugins-detection aggressive
Note:
akismet --> just ignore it
theme = twentyseventeen
Go to header.php
Put in the PHP script.
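How the two scans above look from the server side, as an added example that is not part of the original notes: a Python pass over web access logs that flags user enumeration and aggressive plugin detection per client IP. The log lines, the `detect_enumeration` name and its threshold are constructed for illustration; the scanner's User-Agent can be changed, so the request pattern is the stronger signal.

```python
import re
from collections import defaultdict

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = '''\
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /wp-content/plugins/akismet/ HTTP/1.1" 200 512 "-" "WPScan v3.8.0 (https://wpscan.com/wordpress-security-scanner)"
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /wp-content/plugins/contact-form-7/ HTTP/1.1" 404 196 "-" "WPScan v3.8.0 (https://wpscan.com/wordpress-security-scanner)"
203.0.113.7 - - [01/Jan/2024:10:00:02 +0000] "GET /wp-content/plugins/jetpack/ HTTP/1.1" 404 196 "-" "WPScan v3.8.0 (https://wpscan.com/wordpress-security-scanner)"
203.0.113.7 - - [01/Jan/2024:10:00:02 +0000] "GET /wp-content/plugins/wordfence/ HTTP/1.1" 404 196 "-" "WPScan v3.8.0 (https://wpscan.com/wordpress-security-scanner)"
203.0.113.7 - - [01/Jan/2024:10:00:03 +0000] "GET /?author=1 HTTP/1.1" 301 0 "-" "WPScan v3.8.0 (https://wpscan.com/wordpress-security-scanner)"
198.51.100.20 - - [01/Jan/2024:11:00:01 +0000] "GET /wp-content/plugins/elementor/ HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64)"
198.51.100.20 - - [01/Jan/2024:11:00:01 +0000] "GET /wp-content/plugins/woocommerce/ HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64)"
198.51.100.20 - - [01/Jan/2024:11:00:02 +0000] "GET /wp-content/plugins/wordpress-seo/ HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64)"
198.51.100.20 - - [01/Jan/2024:11:00:02 +0000] "GET /wp-json/wp/v2/users HTTP/1.1" 200 850 "-" "Mozilla/5.0 (X11; Linux x86_64)"
192.0.2.10 - - [01/Jan/2024:12:00:01 +0000] "GET / HTTP/1.1" 200 9000 "-" "Mozilla/5.0 (Windows NT 10.0)"
192.0.2.10 - - [01/Jan/2024:12:00:02 +0000] "GET /wp-content/plugins/old-gallery/style.css HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0)"
'''

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD|POST) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')
PLUGIN_RE = re.compile(r'^/wp-content/plugins/([^/?]+)')           # plugin slug in the path
USER_RE = re.compile(r'[?&]author=\d+|^/wp-json/wp/v2/users')      # common user-enumeration paths

def detect_enumeration(lines, plugin_threshold=3):
    """Return {ip: sorted findings} for clients whose requests look like WordPress enumeration."""
    missing = defaultdict(set)    # ip -> distinct plugin slugs probed that returned 404
    findings = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue              # skip lines that are not combined log format
        ip, path, status, ua = m["ip"], m["path"], m["status"], m["ua"]
        if "wpscan" in ua.lower():
            findings[ip].add("wpscan-user-agent")
        if USER_RE.search(path):
            findings[ip].add("user-enumeration")
        plugin = PLUGIN_RE.match(path)
        if plugin and status == "404":
            missing[ip].add(plugin.group(1))
    # Threshold of 3 suits this tiny sample; an aggressive scan probes far more slugs.
    for ip, slugs in missing.items():
        if len(slugs) >= plugin_threshold:
            findings[ip].add("plugin-bruteforce")
    return {ip: sorted(found) for ip, found in findings.items()}

if __name__ == "__main__":
    for ip, found in detect_enumeration(SAMPLE_LOG.splitlines()).items():
        print(ip, ", ".join(found))
```
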