This tutorial is most likely outdated.

This tutorial explains how to install WPScan on Debian based systems. This is being done on a Debian 8 machine, although you should be able to tweak it to your needs.

First we’ll need an up to date Ruby installation. This is something where I had quite some trouble with in the beginning and I didn’t want to go with RVM.

Let’s first add a repository that has Ruby 2.3 available, as the normal Stable release for Debian is only 1.9.x at the time of writing.

apt-get install software-properties-common
add-apt-repository 'deb http://ppa.launchpad.net/brightbox/ruby-ng/ubuntu trusty main'
apt-get update

Let’s install the packages we’ll need for WPScan

apt-get install ruby2.3 ruby2.3-dev git make gcc libcurl4-openssl-dev zlib1g-dev

Now download (clone) WPScan using git:

git clone https://github.com/wpscanteam/wpscan.git
cd wpscan

Now we have to install the bundler which updates the Ruby gems.

gem install bundler && bundle install --without test

Now you can start WPScan by running it using ruby:

ruby wpscan.rb

And we’re done!

         __          _______   _____
        \ \        / /  __ \ / ____|
         \ \  /\  / /| |__) | (___   ___  __ _ _ __
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_|
        WordPress Security Scanner by the WPScan Team
                       Version 2.9.1
          Sponsored by Sucuri - https://sucuri.net
   @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_

Previous Post Next Post