Installation of Wpscan Tool in Kali Linux
Wpscan (WordPress vulnerability Scanner) is a black box WordPress vulnerability scanner. Wpscan is used to scan remote WordPress installations or websites to find security issues. WordPress can also be used to enumerate WordPress plugins and themes and brute-force logins. Approximately 35% of the internet runs on WordPress, WordPress is a free content management system. Which is used to build and maintain websites). Making a website using WordPress is very easy and absolutely free of cost, that’s why it is widely used. With the increase in the WordPress market, its security becoming a big concern for creators and users. Over 8% of internet breakability is found on WordPress websites. There are many WordPress vulnerability scanners available in the market like SUCURI(It is a Security website that protects your website from hackers, malware, DDoS, and blacklists), and WPScan(It is the scanner to scan your WordPress websites for vulnerable plugins, themes, and security misconfigurations).
Installation of Wpscan tool: Usually Wpscan tool comes pre-installed with Kali Linux but, if we need to install it we can run the following command :
1. We can install Git in Kali Linux by the below command
sudo apt-get install git
2. Once Git is installed, we need to fix Kali Linux dependencies for the latest Ruby development environment. Type below command in terminal
sudo apt-get install git ruby ruby-dev libcurl4-openssl-dev m
3. Now we can install WPScan tool on Kali Linux, by running the below command in the terminal.
git clone http://github.com/wpscanteam/wpscan.git
4. Once the download is completed, let change our directory to WPscan directory, by following the below command.
5. Bundler is required to use the WPscan tool. WPScan is a ruby based application that uses ‘Gems’ as part of the programming language. Bundler will help keep WPScan and all of its dependencies updated effectively. We can install bundler in Kali Linux by running the below command in the WPScan directory :
sudo gem install bundler && bundle install --without test