How to scan and exploit wordpress website using wpscan and metasploit

Hello Every One, how are you?

Today, I well show you How to scan and exploit wordpress website using wpscan and

metasploit in Back Box Linux

in this tutorial i scan wordpress website and exploit using metasploit

1. scan using wpscan
2. exploit using metasploit

What is WPscan ?

The WPScan software (henceforth referred to simply as "WPScan") is dual-licensed - Copyright 2011-2016 WPScan Team.

Cases that include commercialization of WPScan require a commercial, non-free license. Otherwise, WPScan can be used without charge under the terms set out below.

Read More Here

What is Metasploit ?

ScreenShot :

to run wpscan  : sudo wpscan

To start scan using wpscan : sudo wpscan --url http://target.com --enumerate

to stop scan : ctrl + c

to metasploit : sudo msfconsole
to search exploit : msf> search "name exploit"
to use module exploit : use name module 
for ex : use exploit/unix/webapp/wp_wysija_newsletters_upload
you can press tabulation to complete any module or command in linux 
 for exemple : wps press tabulation to complete name --> wpscan ;)
for exemple : wps press tabulation to complete name --> wpscan ;)




Video Tutorial :

Enjoy 😉

tnx for watching video ^_^

good luck