Install WPScan


WPScan is a free tool developed by to help WordPress site developers, owners and maintainers point out and identify problems so they can be quickly resolved.

  1. Install system-wide dependencies.
  2. ]$ sudo yum install gcc ruby-devel libxml2 libxml2-devel libxslt libxslt-devel libcurl-devel patch

  3. Clone the WPScan Git repository locally.
  4. ]$ git clone

  5. Move into the newly cloned local WPScan repository.
  6. ]$ cd wpscan/

  7. Install WPScan-specific dependencies, round 1.
  8. ]$ bundle install --without test --path vendor/bundle
    If you get a timeout error like this, re-run the command

  9. Install WPScan-specific dependencies, round 2.
  10. ]$ bundle install --without test --path vendor/bundle

  11. Scan any WordPress website for potential vulnerabilities.
  12. ]$ ./wpscan.rb --url

Last Modified: 14 Feb, 2016 at 15:01:13