wordpress enumeration without wpscan

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/oscp

Our great sponsors
  • Nanos - Run Linux Software Faster and Safer than Linux with Unikernels
  • Scout APM - A developer's best friend. Try free for 14-days
  • SaaSHub - Software Alternatives and Reviews
  • GitHub repo custom-wordlists

    first download this list of plugins: https://github.com/hypn/custom-wordlists/blob/master/wordpress-popular-plugins.txt

  • GitHub repo vane

    A GPL fork of the popular wordpress vulnerability scanner WPScan

    Is there an active fork? This looks dead https://github.com/delvelabs/vane

  • Nanos

    Run Linux Software Faster and Safer than Linux with Unikernels.

  • GitHub repo SecLists

    SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

    there's good wordlist inside of the seclist stuff seclists/Discovery/Web-Content/CMS. I basic use seclist for all my wordlist needs now. I think this might be standard in Parrot and Kali under /usr/share/SecLists https://github.com/danielmiessler/SecLists

  • GitHub repo wpscan

    WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites.

    There is one annoying "gotcha" when using WPScan, especially plugin enumeration, which is for the best results you have to go an extra step and add the "--plugins-detection mixed" option. It is documented in our user documentation - https://github.com/wpscanteam/wpscan/wiki/WPScan-User-Documentation#enumeration-modes

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts