Edoardo Vignati

WPScan: what it is and how to install it

Posted on 27/05/2020 by Edoardo

WPScan is a very interesting and useful tool written in Ruby for scanning WordPress websites. It finds outdated versions of plugins and known vulnerabilities, enumerates users, etc.

It’s very easy to use and very powerful. These are the installation steps.

$ sudo apt update

$ sudo apt install curl git libcurl4-openssl-dev make zlib1g-dev gawk g++ gcc libreadline6-dev libssl-dev libyaml-dev libsqlite3-dev sqlite3 autoconf libgdbm-dev libncurses5-dev automake libtool bison pkg-config ruby ruby-bundler ruby-dev -y

After this, let’s install WPScan using gem:

$ sudo gem install wpscan

To run the scan, first of all update the database and then run it:

$ wpscan --update
$ wpscan --url http://mytarget.com

[Image: an example of the output]
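
Added example (not from the original post or from the WPScan project): WPScan can write its report as JSON with `--format json --output report.json`, and a short Ruby script can turn that report into a to-do list for the site owner. The field names and the `latest` status value are assumptions about the JSON layout, and the sample report below is constructed.

```ruby
require 'json'

# Constructed sample report (not real scan output), trimmed to the fields used below.
SAMPLE_REPORT = <<~JSON
  {
    "version": { "number": "5.4.1", "status": "insecure" },
    "plugins": {
      "example-gallery": {
        "outdated": true,
        "latest_version": "2.3.0",
        "version": { "number": "2.1.4" },
        "vulnerabilities": [
          { "title": "Example Gallery < 2.2.0 - Constructed Sample Issue", "fixed_in": "2.2.0" }
        ]
      },
      "example-forms": {
        "outdated": false,
        "latest_version": "1.0.2",
        "version": { "number": "1.0.2" },
        "vulnerabilities": []
      }
    },
    "users": { "admin": { "id": 1 } }
  }
JSON

# Turn a parsed report into a list of remediation items for the site owner.
def triage(report)
  items = []
  core = report['version'] || {}
  if core['status'] && core['status'] != 'latest' # assumed: "latest" means up to date
    items << "core: WordPress #{core['number']} is #{core['status']}, update it"
  end
  (report['plugins'] || {}).each do |slug, info|
    installed = info.dig('version', 'number') || 'unknown' # version may be undetected
    items << "plugin #{slug}: #{installed} installed, #{info['latest_version']} available" if info['outdated']
    (info['vulnerabilities'] || []).each do |vuln|
      fix = vuln['fixed_in'] ? "fixed in #{vuln['fixed_in']}" : 'no fixed version listed'
      items << "plugin #{slug}: #{vuln['title']} (#{fix})"
    end
  end
  users = (report['users'] || {}).keys
  items << "users: publicly enumerable logins: #{users.join(', ')}" unless users.empty?
  items
end

puts triage(JSON.parse(SAMPLE_REPORT)) if __FILE__ == $PROGRAM_NAME
```

To use it on a real report, replace `SAMPLE_REPORT` with `File.read('report.json')`.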

If you are interested in staying updated on recent WordPress vulnerabilities, you can have a look at wpvulndb.com

If you want to protect your WordPress installation, you can also download the plugin, which will test the security of your website every day.

To contribute, you can find the project on GitHub at github.com/wpscanteam/wpscan

Happy (responsible) hacking!


This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
