nmap -p80 --script http-wordpress-enum --script-args http-wordpress-enum.root='/wordpress',search-limit=1000 remote.nyx
wpscan --url http://192.168.1.10/wordpress --api-token $WP_TOKEN --plugins-detection aggressive
La variable de entorno $WP_TOKEN contiene el token generado en la web https://wpscan.com/
nuclei -u http://remote.nyx/wordpress/ -tags fuzz -t /home/d4redevil/.local/nuclei-templates/http/fuzzing/wordpress-plugins-detect.yaml
gobuster dir -u http://remote.nyx/wordpress/ -w /usr/share/seclists/Discovery/WebContent/CMS/wp-plugins.fuzz.txt
joomscan -u http://192.168.1.10
droopescan scan drupal -u http://example.org/ -t 32
php magescan.phar scan:all <https://example.com>
