WordPress is a very common blogging platform and CMS nowadays. Greater popularity attracts more bad guys and script kiddies to do evil stuff against your WordPress instance. To get a clearer picture of your own site, wpscan can help you.

For the ease of the installation process I just did a git checkout. I assume that with the previous installation of metasploit the needed requirements for Fedora are already covered.

Then I changed to the newly created directory and used gem to do the rest.

Now wpscan is ready.

This scan was executed against the latest release of WordPress. No plugins? Let’s test the plugin detection capability.

This entry was posted in Fedora, Fedora Security Lab, Security.

3 Responses to WPscan

  1. Me says:

    $ cd wpscan
    $ sudo gem install bundler && bundle install --without test development
    Successfully installed bundler-1.3.5
    1 gem installed
    Installing ri documentation for bundler-1.3.5...
    Installing RDoc documentation for bundler-1.3.5...
    bash: bundle: command not found

  2. This is a really good read for me, thank you!
