# wpscan
[wpscan](https://wpscan.com/) is good for scanning WordPress sites for security issues and out-of-date plugins and themes and more!

## Basic scan of a site with an API key
```
wpscan --url https://yoursite.com --api-token XXX
```

## Basic scan with random user agent string, ignored redirects, and testing ALL plugins for vulns
```
wpscan --url https://yoursite.com --random-user-agent --api-token XXX --ignore-main-redirect -e ap
```

## Scan and save output
```
wpscan --url https://yoursite.com --api-token XXX -o savedoutput -f [json/cli-no-colour/cli-no-color,cli]
```