WordPress Penetration Testing
This skill should be used when the user asks to "pentest WordPress sites", "scan WordPress for vulnerabilities", "enumerate WordPress users, themes, or plugins", "exploit WordPress vulnerabilities", or "use WPScan". It provides comprehensive WordPress security assessment methodologies.
Author
zebbern
Category
Other Tools
Install
Download and extract to your skills directory
Copy command and send to OpenClaw for auto-install:
Download and install this skill https://openskills.cc/api/download?slug=sickn33-skills-wordpress-penetration-testing&locale=en&source=copy
Skills Overview
WordPress Penetration Testing provides a complete WordPress security assessment methodology, including user/theme/plugin enumeration, vulnerability scanning, credential testing, and exploitation techniques. It is suitable for authorized penetration testing and security assessment scenarios.
Use Cases
1. Authorized Penetration Testing
After obtaining written authorization, conduct a comprehensive security assessment of the target WordPress website, including vulnerability discovery, enumeration analysis, and penetration verification. This helps organizations identify and fix security issues.
2. Red Team Exercises
In simulated real-world attack scenarios, use WordPress-specific vulnerabilities to gain an initial foothold, compromising the system through plugin vulnerabilities, weak passwords, or XML-RPC vulnerabilities.
3. Bug Bounty Hunting
For public bug bounty programs, use tools such as WPScan to test WordPress sites for security issues, and discover and report previously undisclosed vulnerabilities to earn rewards.
Core Features
1. Comprehensive WPScan Enumeration
Automatically detects key information such as the WordPress version, installed themes and plugins, and the user list. Supports multiple detection modes (aggressive/mixed) and proxy configuration, and can generate detailed JSON or text reports.
2. Exploitation and Credential Attacks
Integrates WordPress exploitation modules from the Metasploit framework. Supports uploading shells via administrator credentials, exploiting known plugin vulnerabilities, and planting backdoors through the theme editor, and provides XML-RPC multi-call brute-force capabilities.
3. Advanced Detection and Evasion
Offers evasion techniques such as scanning through proxies (Tor/Burp Suite), randomizing User-Agents, and request throttling. Also includes manual detection methods (author enumeration, REST API queries) to counter automated defenses.
FAQs
How do I use WPScan?
WPScan is a WordPress scanning tool preinstalled on Kali Linux. The basic command is wpscan --url http://target.com. Add the -e at,ap,u parameter to enumerate all themes, plugins, and users. Use --api-token to retrieve data from the vulnerability database. Output supports JSON format for easier follow-up analysis.
Is WordPress penetration testing legal?
WordPress penetration testing is legal only with written authorization. Before testing, you must obtain explicit permission from the target owner, strictly limit the test scope, fully document all testing activities, and follow responsible vulnerability disclosure principles. Unauthorized testing is illegal.
What should I do if WPScan scanning is blocked by a WAF?
If scanning is blocked by a Web Application Firewall, you can try the following: use --throttle 1000 to reduce request speed, enable --random-user-agent to randomize the User-Agent, use a proxy via the --proxy parameter (e.g., Tor), or switch to mixed detection mode instead of aggressive mode.