WPScan as a Dockerized CLI

The advantage of using WPScan as a Dockerized CLI is that we can still take full advantage of the CLI—allowing us to embed the script in a larger automation setup—while not having to worry about dependency management issues like keeping our Ruby version up-to-date. We can even write a simple wrapper around the docker run command so that we don't need to enter so much boilerplate every time we use the script.

For example, if we create a shell script called wpscan.sh and call our Docker command, passing in the "$@" character so that all of our flags and command-line arguments get passed through the shell script to the docker command, this is what we come up with:

#!/bin/shdocker run -it --rm wpscanteam/wpscan "$@" ...

Get Hands-On Bug Hunting for Penetration Testers now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.