in , , ,

Kali Linux – How To Brute Force WordPress using Wpscan

Kali Linux Tutorials – Wpscan – How TO Hack Wordpress ?

How To Brute Force WordPress on Kali Linux using Wpscan

kali linux tutorial wpscan k4linux
As a WordPress administrator or webmaster you are responsible for the security of the WordPress blog or website you manage. Most probably you’ve already done a lot to beef up the security and today in we will show you how to brute force WordPress password on Kali Linux using Wpscan to checking your Password Strength.

Disclaimer: This tutorial is for educational purposes only and we are NOT responsible in any way for how this information is used, use it at your own risk.  

As we now WPScan is a black box WordPress vulnerability scanner, and it is installed by default in kali linux we will use it for brute forcing wordpress.

We will use our wordpress platform that we already installed. If you have not already done visit our article: HowTo install WordPress in localhost on Kali Linux.


To Start Open your terminal and start Xampp

root@k4linux:  /opt/lampp/lampp start


Now we need to Enumerate users, type in terminal:
root@k4linux:  wpscan -u –enumerate u

kali linux tutorial wpscan k4linux
Wpscan will automatically search the admin username.
kali linux tutorial wpsca k4linux
Now Do wordlist password brute force on the username, type in terminal:
root@k4linux:  wpscan –url –wordlist /root/pass –username k4linux
kali linux tutorial wpscan k4linux


–wordlist set the location of your Password Wordlist

–username set the administrator username that you have found

kali linux tutorial wpscan k4linux
After a search Wpscan will find the password and this will take a few minutes, this depends on your Wordlist.

Efficiency of the Brute Force depend on how much strong is your wordlist and how many password contains it.

Watch the video tutorial for more explanation (Wpscan)

All the steps for this tutorial are explained on a Video on our Youtube Channel you can subscribe to it by this link they are many other tutorials that you can learn about bypassing and hacking and others basics tutorials about kali Linux. 


If you have encountered a problem or you have any questions or remarks please feel free to set a comment.

If this article helped you to solve your problem please feel free to Share it with your friends. with Love and Prosperity K4LINUX-TEAM.


What do you think?

1078 points
Upvote Downvote

Total votes: 4

Upvotes: 2

Upvotes percentage: 50.000000%

Downvotes: 2

Downvotes percentage: 50.000000%


Leave a Reply
  1. Brute force means that you try all possible passwords. What you present there is just a dictionary attack…which is pretty useless if password is not common and/or in your dictionary file!

  2. Pkb traducibile italiano una domanda o perso account gmail spesso usavo hydra e dava password sbagliata lei crede che dopo avere installato xampp usando brutphp lampp lampp da password lista esattamente che a lei e piaciuto spero che lei pkb mi rispondi grazie ??

One Ping

  1. Pingback:

Leave a Reply

Your email address will not be published. Required fields are marked *

brute force wordpress kali linux wpscan

How To install WordPress in localhost on Kali Linux :

ddos attack kali linux

What is a Ddos Attack ?