Updated WPScan User Documentation (markdown)

Ryan Dewhurst
2020-04-22 15:04:38 +02:00
parent 516a66a361
commit 66eee2cb02

@@ -99,21 +99,7 @@ _NOTE: Get your API token from [wpvulndb.com](https://wpvulndb.com/) if you also
`wpscan --url example.com -e u --passwords /path/to/password_file.txt`
## Vulnerability Database
WPScan uses the [WordPress Vulnerability Database](https://wpvulndb.com/api) API in real time to retrieve known vulnerabilities that affect WordPress core, plugins and themes.
For the vulnerability information to be shown within WPScan you will need to supply an API token with the `--api-token YOUR_TOKEN` option. Alternatively, you can supply the API token from a WPScan configuration file.
A free API token is available, as well as paid plans, depending on your usage needs.
If you do not supply an API token, WPScan will work as normal, with the exception that when a WordPress version, plugin or theme is detected, the associated known vulnerabilities will not be displayed.
## Bypassing Simple WAFs
To bypass some simple WAFs you can try the `--random-user-agent` option.
## Docker Cheat Sheet
### Docker Cheat Sheet
- Pull the Docker repository
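Review bot: The Docker heading appears in this hunk at two levels, `## Docker Cheat Sheet` and `### Docker Cheat Sheet`, and the resulting level needs confirming. The header counts (21 lines down to 7) show the Vulnerability Database and Bypassing Simple WAFs sections leaving this position, so a level-3 heading would now nest the cheat sheet under whichever section holds the `--passwords` example directly above it. Separately, the `_NOTE: Get your API token from wpvulndb.com ..._` line shown in the hunk header stays near the top while the section that explains the token moves further down the page; a link from that note to the Vulnerability Database section would keep the two connected.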
@@ -132,6 +118,20 @@ docker run --rm --mount type=bind,source=$HOME/docker-bind,target=/output wpscan
The `wpscan-output.txt` file now exists on the host machine at `~/docker-bind/wpscan-output.txt`.
## Vulnerability Database
WPScan uses the [WordPress Vulnerability Database](https://wpvulndb.com/api) API in real time to retrieve known vulnerabilities that affect WordPress core, plugins and themes.
For the vulnerability information to be shown within WPScan you will need to supply an API token with the `--api-token YOUR_TOKEN` option. Alternatively, you can supply the API token from a WPScan configuration file.
A free API token is available, as well as paid plans, depending on your usage needs.
If you do not supply an API token, WPScan will work as normal, with the exception that when a WordPress version, plugin or theme is detected, the associated known vulnerabilities will not be displayed.
## Bypassing Simple WAFs
To bypass some simple WAFs you can try the `--random-user-agent` option.
## Troubleshooting
If WPScan is not working as expected, you can use the `--proxy` option, and use a web proxy to inspect WPScan's HTTP requests, and the remote server's HTTP responses. This is useful when you do not know why you are getting false positives, or false negatives.
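Review bot: In the relocated Vulnerability Database paragraph, `--api-token YOUR_TOKEN` is given as the primary method and the configuration file only as an unexplained alternative. A token passed on the command line ends up in shell history and is visible in process listings, so the paragraph should say where the configuration file lives and what the token entry looks like, and recommend it for shared hosts and CI jobs. The same gap applies to the Troubleshooting paragraph at the end of the hunk: `--proxy` is named without the value format it expects, so one example invocation there would make the section usable on its own.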