wordpress enumeration without wpscan

This page summarizes the projects mentioned and recommended in the original post on /r/oscp

Our great sponsors
  • PopRuby - Clothing and Accessories for Ruby Developers
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • custom-wordlists

    first download this list of plugins: https://github.com/hypn/custom-wordlists/blob/master/wordpress-popular-plugins.txt

  • vane

    Discontinued A GPL fork of the popular wordpress vulnerability scanner WPScan

    Is there an active fork? This looks dead https://github.com/delvelabs/vane

  • PopRuby

    PopRuby: Clothing and Accessories for Ruby Developers. Fashion meets Ruby! Shop our fun Ruby-inspired apparel and accessories designed to celebrate the joy and diversity of the Ruby community.

  • SecLists

    SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

    there's good wordlist inside of the seclist stuff seclists/Discovery/Web-Content/CMS. I basic use seclist for all my wordlist needs now. I think this might be standard in Parrot and Kali under /usr/share/SecLists https://github.com/danielmiessler/SecLists

  • wpscan

    WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]

    There is one annoying "gotcha" when using WPScan, especially plugin enumeration, which is for the best results you have to go an extra step and add the "--plugins-detection mixed" option. It is documented in our user documentation - https://github.com/wpscanteam/wpscan/wiki/WPScan-User-Documentation#enumeration-modes

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts