WPScan (wordpress)

#signup to wpscan api token - https://wpscan.com/api

wpscan --url https://10.11.1.7 -v -e u ap at tt --disable-tls-checks aggressive --api-token ZK4ONIV1pD#########################

#disable tls checks

wpscan -v --disable-tls-checks --url https://10.11.1.3

#find users plus vuln plugins

wpscan --url https://10.11.1.3 -e u vp vt --disable-tls-checks

#pw attack

wpscan --url https://10.11.1.3/ –U techblog -P rockyou.txt --disable-tls-checks -t 2