Updated WPScan User Documentation (markdown)
Ryan Dewhurst
@@ -4,6 +4,26 @@
|
||||
|
||||
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites.
|
||||
|
||||
WPScan is written in the Ruby programming language. The first version of WPScan was released on the [16th of June 2011](https://blog.dewhurstsecurity.com/2011/06/16/introducing-wpscan-wordpress-security-scanner.html).
|
||||
|
||||
## Installation
|
||||
|
||||
### Ruby Gem
|
||||
|
||||
WPScan is shipped as a Ruby gem, and can be installed with the following command:
|
||||
|
||||
`gem install wpscan`
|
||||
|
||||
### Docker
|
||||
|
||||
We also support Docker. Pull the repo with:
|
||||
|
||||
`docker pull wpscanteam/wpscan`
|
||||
|
||||
Example Docker command to enumerate usernames:
|
||||
|
||||
`docker run -it --rm wpscanteam/wpscan --url https://example.com/ --enumerate u`
|
||||
|
||||
## Enumeration Modes
|
||||
|
||||
When enumerating the WordPress version, installed plugins or installed themes, you can use three different "modes", which are:
|
||||
|
||||
Reference in New Issue
Block a user