garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1223 from taha-abbasi/patch-1

Browse Source 
Added username enumeration instructions
This commit is contained in:
Erwan
2018-11-07 11:40:41 +00:00
committed by GitHub
parent ae034a47ed 804a8c34c6
commit 3555ca1d1e
1 changed files with 24 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
README.md
View File

@@ -35,6 +35,17 @@ bundle install && rake install
Pull the repo with ```docker pull wpscanteam/wpscan```
Enumerating usernames
```
docker run -it --rm wpscanteam/wpscan --url https://target.tld/ --enumerate u
```
Enumerating a range of usernames
```
docker run -it --rm wpscanteam/wpscan --url https://target.tld/ --enumerate u1-100
```
** replace u1-100 with a range of your choice.
# Usage
```wpscan --url blog.tld``` This will scan the blog using default options with a good compromise between speed and accuracy. For example, the plugins will be checked passively but their version with a mixed detection mode (passively + aggressively). Potential config backup files will also be checked, along with other interesting findings. If a more stealthy approach is required, then ```wpscan --stealthy --url blog.tld``` can be used.
@@ -69,6 +80,19 @@ url: 'http://target.tld'
Running ```wpscan``` in the current directory (pwd), is the same as ```wpscan -v --proxy socks5://127.0.0.1:9090 --url http://target.tld```
Enumerating usernames
```
wpscan --url https://target.tld/ --enumerate u
```
Enumerating a range of usernames
```
wpscan --url https://target.tld/ --enumerate u1-100
```
** replace u1-100 with a range of your choice.
# PROJECT HOME
[https://wpscan.org](https://wpscan.org)