Website Scan and Screenshot Capture:

• Eyewitness
• Aquatone

Eyewitness Syntax

eyewitness --web -x web_discovery.xml -d inlanefreight_eyewitness

Aquatone Syntax

• Nmap .xml output

cat web_discovery.xml | ./aquatone -nmap

Wordpress Check

curl -s <http://blog.inlanefreight.local> | grep WordPress
curl -s <http://blog.inlanefreight.local/?p=1> | grep plugins

Wordpress Themes Check

curl -s <http://blog.inlanefreight.local/> | grep themes

Wordpress Plugins Check

curl -s <http://blog.inlanefreight.local/> | grep plugins

WordPress Password Attack

sudo wpscan --password-attack xmlrpc -t 20 -U john -P /usr/share/wordlists/rockyou.txt --url <http://blog.inlanefreight.local>

Joomla Version

 curl -s <http://dev.inlanefreight.local/README.txt> | head -n 5

curl -s <http://dev.inlanefreight.local/administrator/manifests/files/joomla.xml> | xmllint --format -

curl -s <http://dev.inlanefreight.local/plugins/system/cache/cache.xml>