WordPress is a powerful and widely used CMS. According to W3techs it is used by 35.7% of all websites analyzed. GitHub hosts a very interesting tool that lets you scan a WordPress site to discover the username, version, theme name and installed plugins.

It should go without saying that analyzing a website can only be done with the site owner's permission. In this example we will analyze our own blog.

It's a Perl-based tool, so make sure you have it installed:

sudo apt-get install perl

For testing this program we'll use Ubuntu 18.04.3, without the benefit of Kali's bundled utilities. Before cloning the repository, make sure git is installed:

sudo apt-get install git

then move into the folder where you want to clone the program, in our case:

cd Desktop/

and start the copy:

git clone https://github.com/Moham3dRiahi/WPGrabInfo.git

Inside the folder you'll find the Perl program, WP-Grab.pl; to scan a WordPress site it's enough to run it with:

Perl WP-Grab.pl -u https://f-hack.com

From the result we get the information we're looking for (fig.1)

Fig. 1 - WP Grab in action