WordPress is a powerful and widely used CMS. According to W3techs it is used by 35.7% of all websites analyzed. GitHub hosts a very interesting tool that lets you scan a WordPress site to discover the username, version, theme name and installed plugins.
It should go without saying that analyzing a website can only be done with the site owner's permission. In this example we will analyze our own blog.
It's a Perl-based tool, so make sure you have it installed:
sudo apt-get install perl
For testing this program we'll use Ubuntu 18.04.3, without the benefit of Kali's bundled utilities. Before cloning the repository, make sure git is installed:
sudo apt-get install git
then move into the folder where you want to clone the program, in our case:
cd Desktop/
and start the copy:
git clone https://github.com/Moham3dRiahi/WPGrabInfo.git
Inside the folder you'll find the Perl program, WP-Grab.pl; to scan a WordPress site it's enough to run it with:
Perl WP-Grab.pl -u https://f-hack.com
From the result we get the information we're looking for (fig.1)
Fig. 1 - WP Grab in action