From 66eee2cb0272e1d3e3eab88f252a82236df29c99 Mon Sep 17 00:00:00 2001 From: Ryan Dewhurst Date: Wed, 22 Apr 2020 15:04:38 +0200 Subject: [PATCH] Updated WPScan User Documentation (markdown) --- WPScan-User-Documentation.md | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/WPScan-User-Documentation.md b/WPScan-User-Documentation.md index b679476..6ec4bf6 100644 --- a/WPScan-User-Documentation.md +++ b/WPScan-User-Documentation.md @@ -99,21 +99,7 @@ _NOTE: Get your API token from [wpvulndb.com](https://wpvulndb.com/) if you also `wpscan --url example.com -e u --passwords /path/to/password_file.txt` -## Vulnerability Database - -WPScan uses the [WordPress Vulnerability Database](https://wpvulndb.com/api) API in real time to retrieve known vulnerabilities that affect WordPress core, plugins and themes. - -For the vulnerability information to be shown within WPScan you will need to supply an API token with the `--api-token YOUR_TOKEN` option. Alternatively, you can supply the API token from a WPScan configuration file. - -A free API token is available, as well as paid plans, depending on your usage needs. - -If you do not supply an API token, WPScan will work as normal, with the exception that when a WordPress version, plugin or theme is detected, the associated known vulnerabilities will not be displayed. - -## Bypassing Simple WAFs - -To bypass some simple WAFs you can try the `--random-user-agent` option. - -## Docker Cheat Sheet +### Docker Cheat Sheet - Pull the Docker repository 
@@ -132,6 +118,20 @@ docker run --rm --mount type=bind,source=$HOME/docker-bind,target=/output wpscan The `wpscan-output.txt` file now exists on the host machine at `~/docker-bind/wpscan-output.txt`. +## Vulnerability Database + +WPScan uses the [WordPress Vulnerability Database](https://wpvulndb.com/api) API in real time to retrieve known vulnerabilities that affect WordPress core, plugins and themes. + +For the vulnerability information to be shown within WPScan you will need to supply an API token with the `--api-token YOUR_TOKEN` option. Alternatively, you can supply the API token from a WPScan configuration file. + +A free API token is available, as well as paid plans, depending on your usage needs. + +If you do not supply an API token, WPScan will work as normal, with the exception that when a WordPress version, plugin or theme is detected, the associated known vulnerabilities will not be displayed. + +## Bypassing Simple WAFs + +To bypass some simple WAFs you can try the `--random-user-agent` option. + ## Troubleshooting If WPScan is not working as expected, you can use the `--proxy` option, and use a web proxy to inspect WPScan's HTTP requests, and the remote server's HTTP responses. This is useful when you do not know why you are getting false positives, or false negatives.
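Review bot: The heading level change in the first hunk (@@ -99,21 +99,7), from `## Docker Cheat Sheet` to `### Docker Cheat Sheet`, is not explained and nests the Docker section under whichever `##` section precedes it, while the sections re-added later in the patch stay at `##`. If the Docker commands are meant to be grouped with the usage examples above them, say so in the commit message, which currently reads only "Updated WPScan User Documentation (markdown)". Otherwise keep the heading at `##` so the change is a pure reorder and any table of contents generated from the headings keeps its shape.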
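Review bot: Missing documentation in the Vulnerability Database section re-added by the second hunk (@@ -132,6 +118,20): it shows `--api-token YOUR_TOKEN` in full but only mentions that the token can come "from a WPScan configuration file", without giving the file's location or format. A token passed on the command line is recorded in shell history and visible in the process list, so while this section is being moved, consider adding a short configuration-file example and presenting it as the preferred way to supply the token. Because the section now follows the Docker cheat sheet, a sentence on how the token reaches WPScan when it runs in the container would also help.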