Just a start
49
Documentation.md
Normal file
@@ -0,0 +1,49 @@
|
|||||||
|
# WPScan User Documentation
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
What WPScan is, where to find info...
|
||||||
|
|
||||||
|
## Information Gathering
|
||||||
|
|
||||||
|
### Common Files
|
||||||
|
readme.html
|
||||||
|
debug.log
|
||||||
|
error_log
|
||||||
|
robots.txt
|
||||||
|
|
||||||
|
### Vulnerabilities
|
||||||
|
Full Path Disclosure (FPD)
|
||||||
|
Directory Listing
|
||||||
|
|
||||||
|
### WordPress Version
|
||||||
|
Generator HTML meta tag
|
||||||
|
RSS Feeds
|
||||||
|
Advanced detection
|
||||||
|
|
||||||
|
### XML-RPC Detection
|
||||||
|
|
||||||
|
### WordPress Folders
|
||||||
|
* plugins
|
||||||
|
* wp-content
|
||||||
|
|
||||||
|
## Enumeration
|
||||||
|
|
||||||
|
### Passive
|
||||||
|
From HTML source code (https://github.com/wpscanteam/wpscan/blob/master/lib/wpscan/wp_detector.rb)
|
||||||
|
|
||||||
|
### Active
|
||||||
|
From directory brute forcing
|
||||||
|
|
||||||
|
### Types
|
||||||
|
|
||||||
|
* Plugins - How?
|
||||||
|
* Themes - How?
|
||||||
|
* Users - How?
|
||||||
|
* Timthumbs - what is timthumbs....
|
||||||
|
|
||||||
|
## Other features
|
||||||
|
|
||||||
|
### Login Bruteforce
|
||||||
|
|
||||||
|
How to use it?
|
||||||
|
|
||||||
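Review bot: The entries under "### Common Files", "### Vulnerabilities" and "### WordPress Version" are bare consecutive lines rather than list items, so Markdown will run them together into a single paragraph (readme.html debug.log error_log robots.txt). Prefix them with "* " as is already done under "### WordPress Folders" and "### Types". The link under "### Passive" points at blob/master, which will drift or break when lib/wpscan/wp_detector.rb changes or moves; pin it to a commit or describe the behaviour in the text instead. Several sections are still placeholders ("What WPScan is, where to find info...", "How?", "what is timthumbs....", "How to use it?") and "### XML-RPC Detection" has no body at all, so mark the file as a draft in the Introduction or turn these into explicit TODO items so it is not read as finished user documentation.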