This tutorial is 100% for Education Purpose only. Any time the word “Hacking” that is used on this site shall be regarded as Ethical Hacking. Do not attempt to violate the law with anything contained here. If you planned to use the content for illegal purposes, then please leave this site immediately! We will not be responsible for any illegal actions.

We can try to find the correct password for a user using WPScan to try all the potential passwords from our list of passwords that is generated using tools like CeWl, CUPP, etc.

In this example, we will try to get the password of user @apietz from pentest.id using the password list apietz.txt.

$ wpscan –url https://pentest.id/wp-login.php -P apietz.txt –usernames @apietz –force