ranbot-ai/wordpress-penetration-testing
skills/wordpress-penetration-testing/SKILL.md
This skill should be used when the user asks to "pentest WordPress sites", "scan WordPress for vulnerabilities", "enumerate WordPress users, themes, or plugins", "exploit WordPress vu...
$ install --global
skillsauthnpx skillsauth add ranbot-ai/awesome-skills wordpress-penetration-testingInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 5, 2026, 6:09 AM186.3s1 file scanned
SKILL.md
- name:
- wordpress-penetration-testing
- description:
- This skill should be used when the user asks to "pentest WordPress sites", "scan WordPress for vulnerabilities", "enumerate WordPress users, themes, or plugins", "exploit WordPress vu...
- category:
- Security & Systems
- source:
- antigravity
- tags:
- [javascript, api, ai, agent, workflow, document, security, pentest, vulnerability]
- url:
- https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/wordpress-penetration-testing
WordPress Penetration Testing
Purpose
Conduct comprehensive security assessments of WordPress installations including enumeration of users, themes, and plugins, vulnerability scanning, credential attacks, and exploitation techniques. WordPress powers approximately 35% of websites, making it a critical target for security testing.
Prerequisites
Required Tools
- WPScan (pre-installed in Kali Linux)
- Metasploit Framework
- Burp Suite or OWASP ZAP
- Nmap for initial discovery
- cURL or wget
Required Knowledge
- WordPress architecture and structure
- Web application testing fundamentals
- HTTP protocol understanding
- Common web vulnerabilities (OWASP Top 10)
Outputs and Deliverables
- WordPress Enumeration Report - Version, themes, plugins, users
- Vulnerability Assessment - Identified CVEs and misconfigurations
- Credential Assessment - Weak password findings
- Exploitation Proof - Shell access documentation
Core Workflow
Phase 1: WordPress Discovery
Identify WordPress installations:
# Check for WordPress indicators
curl -s http://target.com | grep -i wordpress
curl -s http://target.com | grep -i "wp-content"
curl -s http://target.com | grep -i "wp-includes"
# Check common WordPress paths
curl -I http://target.com/wp-login.php
curl -I http://target.com/wp-admin/
curl -I http://target.com/wp-content/
curl -I http://target.com/xmlrpc.php
# Check meta generator tag
curl -s http://target.com | grep "generator"
# Nmap WordPress detection
nmap -p 80,443 --script http-wordpress-enum target.com
Key WordPress files and directories:
/wp-admin/- Admin dashboard/wp-login.php- Login page/wp-content/- Themes, plugins, uploads/wp-includes/- Core files/xmlrpc.php- XML-RPC interface/wp-config.php- Configuration (not accessible if secure)/readme.html- Version information
Phase 2: Basic WPScan Enumeration
Comprehensive WordPress scanning with WPScan:
# Basic scan
wpscan --url http://target.com/wordpress/
# With API token (for vulnerability data)
wpscan --url http://target.com --api-token YOUR_API_TOKEN
# Aggressive detection mode
wpscan --url http://target.com --detection-mode aggressive
# Output to file
wpscan --url http://target.com -o results.txt
# JSON output
wpscan --url http://target.com -f json -o results.json
# Verbose output
wpscan --url http://target.com -v
Phase 3: WordPress Version Detection
Identify WordPress version:
# WPScan version detection
wpscan --url http://target.com
# Manual version checks
curl -s http://target.com/readme.html | grep -i version
curl -s http://target.com/feed/ | grep -i generator
curl -s http://target.com | grep "?ver="
# Check meta generator
curl -s http://target.com | grep 'name="generator"'
# Check RSS feeds
curl -s http://target.com/feed/
curl -s http://target.com/comments/feed/
Version sources:
- Meta generator tag in HTML
- readme.html file
- RSS/Atom feeds
- JavaScript/CSS file versions
Phase 4: Theme Enumeration
Identify installed themes:
# Enumerate all themes
wpscan --url http://target.com -e at
# Enumerate vulnerable themes only
wpscan --url http://target.com -e vt
# Theme enumeration with detection mode
wpscan --url http://target.com -e at --plugins-detection aggressive
# Manual theme detection
curl -s http://target.com | grep "wp-content/themes/"
curl -s http://target.com/wp-content/themes/
Theme vulnerability checks:
# Search for theme exploits
searchsploit wordpress theme <theme_name>
# Check theme version
curl -s http://target.com/wp-content/themes/<theme>/style.css | grep -i version
curl -s http://target.com/wp-content/themes/<theme>/readme.txt
Phase 5: Plugin Enumeration
Identify installed plugins:
# Enumerate all plugins
wpscan --url http://target.com -e ap
# Enumerate vulnerable plugins only
wpscan --url http://target.com -e vp
# Aggressive plugin detection
wpscan --url http://target.com -e ap --plugins-detection aggressive
# Mixed detection mode
wpscan --url http://target.com -e ap --plugins-detection mixed
# Manual plugin discovery
curl -s http://target.com | grep "wp-content/plugins/"
curl -s http://target.com/wp-content/plugins/
Common vulnerable plugins to check:
# Search for plugin exploits
searchsploit wordpress plugin <plugin_name>
searchsploit wordpress mail-masta
searchsploit wordpress slideshow gallery
searchsploit wordpress reflex gallery
# Check plugin version
curl -s http://target.com/wp-content/plugins/<plugin>/readme.txt
Phase 6: User Enumeration
Discover WordPress users:
# WPScan user enumeration
wpscan --url http://target.com -e u
# Enumerate specific number of users
wpscan --url http://target.com -e u1-100
# Author ID enumeration (manual)
for i in {1..20}; do
curl -s "http://target.com/?author=$i" | grep -o 'author/[^/]*/'
done
# JSON API user enumeration (if enabled)
curl -s http://target.com/wp-jso
Related Skills
ranbot-ai/nextjs-seo-indexing
testing
VerifiedTrustedCommunity
Fix SEO indexing issues, crawl budget problems, and Search Console coverage errors for Next.js apps. Covers canonical tags, noindex audits, sitemap health, static rendering, and internal linking.
5SKILL.mdUpdated Jun 2, 2026
ranbot-ai/moatmri
data-ai
VerifiedTrustedCommunity
Analyze AI disruption pressure across a business, map competitive exposure, and produce a 90-day defensive action plan.
5SKILL.mdUpdated Jun 2, 2026
ranbot-ai/skills/longbridge
tools
VerifiedTrustedCommunity
--- name: longbridge description: 125+ agent skills for Longbridge Securities — real-time quotes, charts, fundamentals, portfolio analysis, options, and more for HK/US/A-share/SG markets. Trilingual: Simplified Chinese, Traditional category: AI & Agents source: antigravity tags: [api, mcp, claude, ai, agent, security, cro] url: https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/longbridge --- # Longbridge ## Overview Longbridge is the official skill collection for Longbr
5SKILL.mdUpdated Jun 2, 2026
ranbot-ai/github-actions-advanced
tools
VerifiedTrustedCommunity
Design, debug, and harden GitHub Actions CI/CD workflows, including reusable workflows, matrix builds, self-hosted runners, OIDC authentication, caching, environments, secrets, and release automation.
5SKILL.mdUpdated Jun 2, 2026