WPScan
What is wpscan? WPScan is a wordpress vulnerability scanner. It has many usage, among those the most useful are enumerating user, finding vulnerabilities, and brute forcing password on a wordpress site.
Steps:
- Open up Kali Linux terminal
- To enumerate user, use this command and press enter
wpscan --url WORDPRESS.WEBSITE.COM --enumerate u
In this case, i tried to find the user on team3.pentest.id
- It will then show the result of the finding.
- It also shows some interesting finding on the website, such as its robot.txt content, server, étc.