WPForce is a suite of WordPress Attack tools. Currently this contains 2 scripts – WPForce, which brute forces logins via the API, and Yertle, which uploads shells once admin credentials have been found. Yertle also contains a number of post exploitation modules.
In this tutorial we learn how to do dictionary attack on any wordpress website for getting their user’s credential’s.
Download WPForce from github
git clone https://github.com/n00py/WPForce.git
cd WPForce chmod +x wpforce.py python wpforce.py -i user.txt -w password.txt -u http://www.test.com
For better understanding, check out the step by step video tutorial. and explore more about Yertle also for post exploitation.
Watch Step By Step Video On Youtube
“This tutorial is strictly for Education purpose, We are not responsible for any kind of damage.”