What is WPScan? How to Install WPScan?

What is WPScan? How to Install WPScan? Before you install WPScan, you have to install number of dependencies essential by this tiny ruby application. BTW i am using BackTrack5 Linux. Dependencies : apt-get install libcurl4-gnutls-dev gem install --user-install mime-types gem install --user-install xml-simple gem install --user-install typhoeus WPScan Installation : cd /pentest/web/ wget http://packetstormsecurity.org/files/view/103151/wpscan-1.0.zip unzip wpscan-1.0.zip cd wpscan How to use WPScan? It is almost cooked. One more thing we need here; is to download keywords database which will be used for brute forcing. wget http://static.hackersgarage.com/darkc0de.lst.gz gunzip darkc0de.lst.gz Example usage of this ant application : Do ‘non-intrusive’ checks… ruby ./wpscan.rb --url www.hackersgarage.com Do wordlist password brute force on enumerated users using 50 threads… ruby ./wpscan.rb --url www.hackersgarage.com --wordlist darkc0de.lst --threads 50 Do wordlist password brute force on the ‘admin’ username only… ruby ./wpscan.rb --url www.hackersgarage.com --wordlist darkc0de.lst --username admin Generate a new ‘most popular’ plugin list, up to 150 pages… ruby ./wpscan.rb --generate_plugin_list 150 Enumerate instaled plugins… ruby ./wpscan.rb --enumerate p