Differences

This shows you the differences between two versions of the page.

--- wpscan [2019/09/02 06:29] – created hacktheplanet
+++ wpscan [2025/12/02 07:23] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
-=====Man File=====
+=====Help File=====
 <code>
 root@kali:~# wpscan  --help
@@ Line 114: / Line 114: @@
 See README for further information.
 </code>
+=====Man File=====
+<code>
+WPSCAN(1)                           User Commands                           WPSCAN(1)
+NAME
+       wpscan - WordPress Security Scanner
+SYNOPSIS
+       wpscan [options]
+DESCRIPTION
+       WordPress Security Scanner by the WPScan Team
+              Sponsored by Sucuri - https://sucuri.net
+              @_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_
+OPTIONS
+       --url URL
+              The URL of the blog to scan Allowed Protocols: http, https Default Pro‐
+              tocol if none provided: http This option is mandatory unless update  or
+              help or hh or version is/are supplied
+       -h, --help
+              Display the simple help and exit
+       --hh   Display the full help and exit
+       --version
+              Display the version and exit
+       -v, --verbose
+              Verbose mode
+       --[no-]banner
+              Whether or not to display the banner Default: true
+       -o, --output FILE
+              Output to FILE
+       -f, --format FORMAT
+              Output results in the format supplied Available choices: cli-no-colour,
+              cli-no-color, json, cli
+       --detection-mode MODE
+              Default: mixed Available choices: mixed, passive, aggressive
+       --user-agent, --ua VALUE
+       --random-user-agent, --rua
+              Use a random user-agent for each scan
+       --http-auth login:password
+       -t, --max-threads VALUE
+              The max threads to use Default: 5
+       --throttle MilliSeconds
+              Milliseconds to wait before doing another web request. If used, the max
+              threads will be set to 1.
+       --request-timeout SECONDS
+              The request timeout in seconds Default: 60
+       --connect-timeout SECONDS
+              The connection timeout in seconds Default: 30
+       --disable-tls-checks
+              Disables SSL/TLS certificate verification
+       --proxy protocol://IP:port
+              Supported protocols depend on the cURL installed
+       --proxy-auth login:password
+       --cookie-string COOKIE
+              Cookie   string   to   use   in   requests,   format:  cookie1=value1[;
+              cookie2=value2]
+       --cookie-jar FILE-PATH
+              File to read and write cookies Default: /tmp/wpscan/cookie_jar.txt
+       --force
+              Do not check if the target is running WordPress
+       --[no-]update
+              Whether or not to update the Database
+       --wp-content-dir DIR
+       --wp-plugins-dir DIR
+       -e, --enumerate [OPTS]
+              Enumeration Process Available Choices:
+              vp Vulnerable plugins
+              ap All plugins
+              p Plugins
+              vt Vulnerable themes
+              at All themes
+              t Themes
+              tt Timthumbs
+              cb Config backups
+              dbe Db exports
+              u User IDs range. e.g: u1-5 Range separator to use: '-' Value if no ar‐
+              gument supplied: 1-10
+              m  Media  IDs  range.  e.g m1-15 Note: Permalink setting must be set to
+              "Plain" for those to be detected Range separator to use: '-'  Value  if
+              no argument supplied: 1-100
+              Separator  to  use between the values: ',' Default: All Plugins, Config
+              Backups Value if no argument supplied: vp,vt,tt,cb,dbe,u,m Incompatible
+              choices (only one of each group/s can be used):
+              - vp, ap, p - vt, at, t
+       --exclude-content-based REGEXP_OR_STRING
+              Exclude  all  responses  matching  the Regexp (case insensitive) during
+              parts of the enumeration.  Both the headers and body are checked.  Reg‐
+              exp delimiters are not required.
+       --plugins-detection MODE
+              Use  the  supplied  mode  to  enumerate  Plugins, instead of the global
+              (--detection-mode) mode.  Default: passive  Available  choices:  mixed,
+              passive, aggressive
+       --plugins-version-detection MODE
+              Use the supplied mode to check plugins versions instead of the --detec‐
+              tion-mode  or  --plugins-detection  modes.   Default:  mixed  Available
+              choices: mixed, passive, aggressive
+       -P, --passwords FILE-PATH
+              List  of  passwords  to  use during the password attack.  If no --user‐
+              name/s option supplied, user enumeration will be run.
+       -U, --usernames LIST
+              List of usernames to use during the password attack.   Examples:  'a1',
+              'a1,a2,a3', '/tmp/a.txt'
+       --multicall-max-passwords MAX_PWD
+              Maximum  number  of  passwords to send by request with XMLRPC multicall
+              Default: 500
+       --password-attack ATTACK
+              Force the supplied attack to be used rather than  automatically  deter‐
+              mining one.  Available choices: wp-login, xmlrpc, xmlrpc-multicall
+       --stealthy
+              Alias  for  --random-user-agent --detection-mode passive --plugins-ver‐
+              sion-detection passive
+       To see full list of options use --hh.
+wpscan                                March 2019                            WPSCAN(1)
+</code>