How to Install WordPress Vulnerability Scanner WPScan on Kali Linux
How to Install WordPress Vulnerability Scanner WPScan on Kali Linux : WPScan is a black boxvulnerability scanner for WordPress websites which is used to find out all possible WordPress vulnerabilities like vulnerable plugins, vulnerable themes and other existing WordPress vulnerabilities. Today we will learn how to install WPscan tool on Kali Linux.
Note: Using of WPScan tool without Penetration testing authorization from clients is illegal. Hackingloops is not responsible for any damages. Please read disclaimer.
Installing WPScan Tool on Kali Linux :
1. Go to Kali Linux and Open the terminal.
2. Install Git in Kali Linux if not present : Since the latest version of WPScan is present at Github, we first need to update the Git. We can do so by running below command in terminal :
sudo apt-get install git
3. Once Git is installed, let fix Kali Linux dependencies for latest Ruby development enviornment, it can be done by running below command in terminal:
sudo apt-get install git ruby ruby-dev libcurl4-openssl-dev make
4. Now we are ready to install WPScan tool on Kali Linux, we will install it from Github by running below command in terminal :
git clone https://github.com/wpscanteam/wpscan.git
5. Once the download is completed, let change our directory to WPscan directory, which we can do by below command :
cd wpscan
6. Now in order to use WPscan tool we will require bundler. As we know WPScan is an ruby application which uses ‘Gems’ as part of programming language. Bundler will help keep WPScan and all of its “gems” or dependencies updated effectively.
We can install bundler by running below command in WPScan directory :
sudo gem install bundler && bundle install --without test
It will take some time to update all required things for first execution like WPScan, Vulnerability database etc.
That’s it Guys!! Now WPScan tool is ready for use. In our next tutorial i will show you how to use WPScan tool to find out all the vulnerabilities in WordPress website and how we can use those vulnerabilities to get WordPress admin access.
Keep Learning !! Keep Connected !!