WordPress Website Hacking Tips

WordPress Pentesting Tips:

Before testing Wordpress website with Wpscan make sure you are using their API token. Because when you use the Wpscan API token, you can scan the target using data from your vulnerability database.

1. Signup and Login o wpscan website.
2. 2. Go to account and get api token.
3. 3. Go to your linux home folerd and type cd .wpscan
4. 4. Now create a file name scan.yml with the following content.

cli_options:

api_token: <enter API token>

5. save the file and run the Wpsacn (“free version they give only 25 request per day”).