How to install and Find WordPress Vulnerability??WpScan

-

 
What is WPScan?

WPScan is a tool that is used to scan the WordPress website for Vulnerabilities. In this article, I am going to tell you. How to install and find Vulnerabilities in your WordPress site using WPScan.




WordPress is one of the platforms most commonly used for website development, currently, thousands of websites on the Internet use WordPress.

Using WordPress is a great advantage because it is free and practical, but we must be aware of the platform's security, because remember that it is an Open Source platform, where everyone has access to the source code, thus being able to exploit security flaws.
Now let's move on to the more “fun” part, exploiting flaws and vulnerabilities in WordPress, so we will use the WPScan tool that is available by default on several Linux distributions for Pentest and can also be installed on Windows and other Linux distributions that are not targeted to perform intrusion testing.

The great strength of the tool alone is due to the fact that it lists themes, versions, plugins, subdomains, users, vulnerabilities, and application passwords in WordPress. It sounds like a joke, but thousands of sites are vulnerable.

Installation of WPScan

Open your Termux app and type the following commands:

pkg install ruby

gem install wpscan

wpscan -h (for usage command)

Hence the installation of WPScan in Termux android is completed.

Comments

Post a Comment

Popular posts from this blog

Hack Android with Infect Virus Installation and Usees

-
Image
HACK ANDROID WITH INFECT TERMUX HACKING TOOL Android devices are popular in the world. Imagine how funny if you infect your friend’s device even if you don’t have hacking skills. Infect best Termux hacking tool will help us to do that. What is infect? Infect is a bash-based script that is officially made for Termux users and from this tool you can spread the android virus by just sending a link. Also, Infect is available on Termux, developers of this tool tested in on Termux. What are it’s features? Infect have some interesting features. Which are following:- [+] Dangerous virus tool! [+] Updated maintenance! [+] Easy for beginners! [+] Working virus tool for Termux! Installation process:- Now, before you install infect make sure you update and upgrade Termux. you can use these commands: $ apt-get update $ apt-get upgrade Then, after Termux finishes updating and upgrade, we move to the second step which is to install python. Do it only if you have not yet install python otherwise, you ...
Read more

Hack Pubg account with termux in Android phone

-
Image
PUBG Phishing Tool Termux Hey guys, Most  of  you  guys  who are   commenting    about   how   you   can   Hack   PUBG   Accounts   with Termux,  This   post   is   for   you   because   in   this    Shot   Guide    I   am  gonna   show   you   how   you can    use   a   simple   tool   to   make   PUBG   Phishing  pages in  under  1  minute .  Make  sure  to  follow  the   steps right   and   also    read   the   full   blog    because   I  am gonna   give  you   some  ...
Read more

Cascading Style Sheet (CSS) Injection

-
Image
  Overview Cascading style injection may occcur when user or attacker controlled input is later incorporated without being encoded into the web server response with a style attribute. In other words, the attacker can send input which later is incorporated into the web page the user receives. Discovery Methodology Inject all available parameters of the web page with a searchable string such as the word "CANARY" along with characters generally useful in writing HTML, JavaScript or other code. Search the response carefully noting any location where the test string appears unencoded in a style attribute. These locations may allow Cascading style injection. Hint: An example injection might be <CANARY={}""()'';#$--/>1. Adding a sequencial integer to the test input can help determine which of the inputs parameters resulted in the response string found. Exploitation Determine the prefix and suffix needed to make the injected code "fit" syntatically t...
Read more