All code and information for educational purposes only
Today I will show you how you can gather information about WordPress by loading and analyzing a single page; and then, based on this knowledge we will create script to automate the entire process.
Why analyze only one page? Why not use existing automated solutions like nikto or WPScan?
Those are great tools with plenty of functionality, but they create a lot of noise because they require multiple requests for targeting the site. That may be a problem, because if you need to perform reconnaissance on a WordPress site and remain undetected, your behavior must be the same as a regular user trying to read a blog on the WordPress site.
Discover wordpress version
First, let’s try to find the WordPress version of a target. You can do this by going to the WordPress main site, clicking “View Page Source” in a Chrome browser, and finding the meta tag named “generator.”
You can see wordpress version inside content attribute.Read on →