Wordpress Admin username's Password Brute Force Attack

 Wordpress Admin username's Password Brute Force Attack

Open terminal in kali linux and type 'wpscan --url http://site.com/ --enumerate u' and hit 

enter now wait few minutes you will get the users of website now you need the wordlist 'I 

don't have any wordlist so make your own, i will share the link of wordlist in comments when 

i make my own wordlist or find the wordlist', save on the desktop wordlist you have created 

or downloaded and save it as 'wordlist'. Now type 'wpscan --url http://site.com/ --wordlist 

'/path/wordlist.txt --username USERNAME HERE' (For this step you can drop and drag the 

wordlist on terminal) and hit enter then wait few minutes for BRUTE FORCE to check the 

passwords, You will get the password of admin user. 'IF YOUR LUCK IS WITH YOU'

Commands -

root@kali:~# wpscan --url http://site.com/ --enumerate u
root@kali:~# wpscan --url http://site.com/ --wordlist '/path of wordlist/wordlist.txt' --username USERNAME

Some examples are below !!! 

Note - This will work when the admin user's password is in your wordlist. And sometimes terminal will ask you for 'redirection' simply type 'Y' and hit enter.

PM me if you face any problem while brute forcing the password