System Grab Bag

View all TLDR pages from common (or from all pages)

wpscan

WordPress vulnerability scanner. More information: https://github.com/wpscanteam/wpscan.
  • Update the vulnerability database:
    wpscan --update
  • Scan a WordPress website:
    wpscan --url {{url}}
  • Scan a WordPress website, using random user agents and passive detection:
    wpscan --url {{url}} --stealthy
  • Scan a WordPress website, checking for vulnerable plugins and specifying the path to the wp-content directory:
    wpscan --url {{url}} --enumerate {{vp}} --wp-content-dir {{remote/path/to/wp-content}}
  • Scan a WordPress website through a proxy:
    wpscan --url {{url}} --proxy {{protocol://ip:port}} --proxy-auth {{username:password}}
  • Perform user identifiers enumeration on a WordPress website:
    wpscan --url {{url}} --enumerate {{u}}
  • Execute a password guessing attack on a WordPress website:
    wpscan --url {{url}} --usernames {{username|path/to/usernames.txt}} --passwords {{path/to/passwords.txt}} threads {{20}}
  • Scan a WordPress website, collecting vulnerability data from the WPVulnDB (https://wpvulndb.com/):
    wpscan --url {{url}} --api-token {{token}}

License and Disclaimer

The content on this page is copyright © 2014—present the tldr-pages team and contributors.
This page is used with permission under Creative Commons Attribution 4.0 International License.

While we do attempt to make sure content is accurate, there isn't a warranty of any kind.