O'Reilly logo

Kali Linux Cookbook - Second Edition by Bob Perciaccante, Corey P. Schultz

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

How to do it...

The following steps are needed in order to perform a scan against a WordPress site using WPScan:

  1. From the command line, we will run the following to make sure that we have the latest database downloaded and installed:
root@kali:~/Chapter9# wpscan --update
  1. Once complete and updated, we now can use WPScan to start evaluating the security of our target WordPress site (located on our OWASP-BWA image):
root@kali:~/Chapter9# wpscan --url http://192.168.56.100/wordpress/ --enumerate vp,vt --log wpscan.log
  1. The preceding command runs WPScan against our WordPress instance on our OWASP-BWA host and looks for known vulnerable plugins (vp) and known vulnerable themes (vt), and saves the information to wpscan.log.
When scanning a ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required