Using WPScan to find users on a WordPress-based website

WPScan

What is WPScan? WPScan is a WordPress vulnerability scanner. It has many uses; the most useful are enumerating users, finding vulnerabilities, and brute-forcing passwords on a WordPress site.

Steps:

  1. Open a terminal in Kali Linux.
  2. To enumerate users, run this command and press Enter:
    wpscan --url WORDPRESS.WEBSITE.COM --enumerate u

    In this case, I tried to find the user on team3.pentest.id

  3. WPScan then shows the results of the enumeration.
  4. It also shows some interesting findings about the website, such as its robots.txt content, server, etc.
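
As an added example (not part of the original post), here is how a site owner could spot this kind of user enumeration in their own web server access log. It assumes Combined Log Format and that enumeration shows up as requests to `?author=N` and to the REST `/wp/v2/users` route; the log lines, threshold and function name are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Combined Log Format: ip - - [time] "METHOD target PROTO" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
AUTHOR_THRESHOLD = 3  # assumption: distinct author IDs from one client before flagging

def find_user_enumeration(lines, threshold=AUTHOR_THRESHOLD):
    """Return {client_ip: sorted reasons} for clients that appear to enumerate users."""
    author_ids = defaultdict(set)
    reasons = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # not in the expected log format
        ip, url = m["ip"], urlsplit(m["target"])
        query = parse_qs(url.query)
        # Author-archive probing: /?author=1, /?author=2, ...
        for value in query.get("author", []):
            if value.isdigit():
                author_ids[ip].add(int(value))
        # REST user listing, as a pretty permalink or via ?rest_route=
        if "/wp/v2/users" in url.path + "".join(query.get("rest_route", [])):
            reasons[ip].add("rest-users-endpoint")
        # Scanner user agent: easily changed, so treat it as a supporting signal only
        if "wpscan" in m["ua"].lower():
            reasons[ip].add("wpscan-user-agent")
    for ip, ids in author_ids.items():
        if len(ids) >= threshold:  # one author page is normal, a sweep is not
            reasons[ip].add("author-id-sweep")
    return {ip: sorted(r) for ip, r in reasons.items()}

# Constructed sample log: one scanning client and one ordinary visitor
_FMT = '{} - - [10/Mar/2024:10:00:00 +0000] "GET {} HTTP/1.1" 200 512 "-" "{}"'
_SCAN, _USER = "WPScan (constructed sample UA)", "Mozilla/5.0"
SAMPLE_LOG = [
    _FMT.format("203.0.113.7", "/?author=1", _SCAN),
    _FMT.format("203.0.113.7", "/?author=2", _SCAN),
    _FMT.format("203.0.113.7", "/?author=3", _SCAN),
    _FMT.format("203.0.113.7", "/wp-json/wp/v2/users/?per_page=100&page=1", _SCAN),
    _FMT.format("198.51.100.20", "/?author=1", _USER),
    _FMT.format("198.51.100.20", "/blog/", _USER),
]
if __name__ == "__main__":
    print(find_user_enumeration(SAMPLE_LOG))
```

Only 203.0.113.7 is flagged; the visitor who opened a single author page stays below the threshold.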
