Learn how to Install wpscan on Kali Linux step by step. One of the problems that has always been criticized by content management systems such as WordPress is their security. By doing a series of security measures, WordPress is really a secure CMS and you should not worry. Many developers, after security measures, perform penetration testing on their site to find and fix security holes. One of the most popular and powerful tools is WpScan. WpScan is a security tool that designed to test the penetration of the WordPress content management system. In this article, we try to teach you how to Install wpscan on Kali Linux. You can use the packages available in Eldernode to purchase a Linux VPS server.
Table of Contents
Tutorial Install wpscan on Kali Linux
Introduction to WPScan tool
WPScan is an application tool for scanning the vulnerability of the WordPress CMS. The purpose of scanning is not always to penetrate the site of others. You should always scan and analyze your site and customers to fix security issues and vulnerabilities. One of the tools used to identify and collect information from WordPress sites is WPScan. In the following, we will teach you how to install the WPScan tool visually in Kali Linux.
What are the features of the WPScan tool?
1) Discover website plugins along with their versions
2) Penetration testing and security hole detection only in plugins
3) Identify security holes on plugins and WordPress itself
4) Website layout identification
5) Use different User-Agents
6) Read cookie files
7) Identify directories
8) Perform brute force attacks
9) Manual attack settings such as number of connections, number of threads and number of requests.
Install wpscan on Kali Linux
In this section, we are trying to fully teach you How to Install wpscan on Kali Linux. Stay with us.
The first thing you need to do is install Git and update to the latest version. To do this, you need to open the Kali terminal in the first step and type the following command in it:
sudo apt-get install git
In the second step, you must specify the dependencies of Kali Linux in the latest Ruby development environment. So type and run the following command:
sudo apt-get install git ruby ruby-dev libcurl4-openssl-dev make
Once you have installed Git and dependencies, it is time to move on to installing WPScan. To do this, type the following command:
git clone https://github.com/wpscanteam/wpscan.git
Now you need to change the directory to the WPScan directory using the following command:
cd wpscan
Since WPScan is a program that requires a bundler to run, it needs to be installed. To install the bundler, you can type and run the following command line:
sudo gem install bundler && bundle install --without test
Note: RubyGems is a package manager for the Ruby programming language that provides a standard format for distributing Ruby programs and libraries, a tool designed to easily manage the installation of gems, and a server for distributing them.
You can see that WPScan has been installed successfully. Note that updates on the first run may take a few minutes.
Conclusion
wpscan is one of the most popular tools for security scanning of WordPress content management system, which has more features and popularity than other WordPress scanners. Using this tool, you can perform a full scan and penetration test to find the vulnerabilities of WordPress websites. In this article, after introducing WPScan and its features, we tried to teach you How to Install wpscan on Kali Linux. It should be noted that if you want to install WPScan in Debian, you can refer to the article How to install wpscan on Debian 10.