Allow for simpler way to skip enumeration #1688

Open
fitzg2 opened this issue Nov 21, 2021 · 5 comments

fitzg2 commented Nov 21, 2021

Is your feature request related to a problem? Please describe.
Sometimes we have admin access to a certain amount of WP sites and want to skip enumeration in order to obtain faster results.
Besides faster we also want more precise results. For example we have 12 and we get 6 with or without enumerating. Those other 6 could also be attack vectors. In our example WordFence gets ignored with or without enumeration.

Describe the solution you'd like
Not sure. A plugin maybe that precisely lists all plugins and themes plus WP version? The information protected by IP whitelist.
API access to WP?
SSH access?

Describe alternatives you've considered
None

Additional context
None

Member

erwanlr commented Nov 24, 2021

It's quite unclear what you want here: you mention skipping the enumeration but still want to find more plugins. WPScan has a lot of options, the current defaults being set to provide the best trade-off between results and speed, but you can change any of them to get more results and more accurate ones, which will take more time though. `wpscan --hh` will list all available options.

If you have admin access, then you could simply install our plugin - https://wordpress.org/plugins/wpscan/


vansh1 commented Jan 20, 2022

Can you tell how to skip enumeration? I'm trying to bruteforce but it's annoying: every time I have to do the enumeration part, which takes time.

Author

fitzg2 commented Jan 20, 2022

@vansh1 your comment is even more unclear than mine. We have access to our sites as admin and want the scanner to log in and get the plugins and themes instead of bruteforcing or scanning.

By the way we use a wp-scan wrapper called wp-watcher so idk who to talk to.


vansh1 commented Jan 21, 2022

@fitzg2 Sorry dude, I came in between your thread. Actually my question is just as simple as I said: I want to skip the enumeration part while doing bruteforce, is it possible?

@alexsanford
Contributor

> We have access to our sites as admin and want the scanner to login and get the plugins and themes instead of bruteforcing or scanning.

Flagging this as a feature request.

> i want to skip enumeration part while doing bruteforce, is it possible?

Added a feature request here: #1802
